
35 matches found

Cvelist
added 2026/02/20 3:46 p.m. · 19 views

CVE-2025-69386 WordPress RVCFDI para Woocommerce plugin <= 8.1.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in realvirtualmx RVCFDI para Woocommerce rvcfdi-para-woocommerce allows Reflected XSS. This issue affects RVCFDI para Woocommerce: from n/a through <= 8.1.8...

CVSS 7.1 · EPSS 0.00045
Exploits: 0 · References: 1
Vulnrichment
added 2026/02/20 3:46 p.m. · 3 views

CVE-2025-69386 WordPress RVCFDI para Woocommerce plugin <= 8.1.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in realvirtualmx RVCFDI para Woocommerce rvcfdi-para-woocommerce allows Reflected XSS. This issue affects RVCFDI para Woocommerce: from n/a through <= 8.1.8...

CVSS 7.1 · AI score 5.3 · EPSS 0.00045
Exploits: 0 · References: 1
Positive Technologies
added 2026/02/20 12:0 a.m. · 2 views

PT-2026-21167

Name of the Vulnerable Software and Affected Versions: RVCFDI para Woocommerce versions through 8.1.8 Description: The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Reflected Cross-Site Scripting (XSS) condition. This could all...

AI score 5.4 · EPSS 0.00045
Exploits: 0 · References: 3
CVE
added 2026/02/12 10:48 p.m. · 9 views

CVE-2019-25337

CVE-2019-25337 affects OwnCloud 8.1.8. The issue is a username enumeration flaw exposing user accounts by manipulating the share.php endpoint: sending crafted GET requests to /index.php/core/ajax/share.php with a wildcard search parameter can reveal user information. Root cause appears to be impr...

CVSS 9.8 · AI score 5.6 · EPSS 0.00168
Exploits: 0 · References: 4
CNNVD
added 2026/02/12 12:0 a.m. · 3 views

ownCloud security vulnerability

OwnCloud is a personal cloud storage solution provided by the US-based company OwnCloud. Version 8.1.8 of OwnCloud contains a security vulnerability. This vulnerability stems from a username enumeration issue in the share.php endpoint, which may lead to the discovery of user accounts...

CVSS 9.8 · AI score 5.8 · EPSS 0.00168
Exploits: 0 · References: 4
RedhatCVE
added 2026/01/24 3:18 p.m. · 3 views

CVE-2026-24630

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Design Stylish Cost Calculator stylish-cost-calculator allows Stored XSS. This issue affects Stylish Cost Calculator: from n/a through <= 8.2.9...

CVSS 6.5 · AI score 5.8 · EPSS 0.00064
Exploits: 0 · References: 1
RedhatCVE
added 2026/01/23 9:17 p.m. · 1 views

CVE-2025-67944

Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection. This issue affects Nelio AB Testing: from n/a through <= 8.1.8...

CVSS 9.1 · AI score 5.4 · EPSS 0.00085
Exploits: 0 · References: 1
ATTACKERKB
added 2026/01/23 2:29 p.m. · 2 views

CVE-2026-24630

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Design Stylish Cost Calculator stylish-cost-calculator allows Stored XSS. This issue affects Stylish Cost Calculator: from n/a through <= 8.1.8...

CVSS 6.5 · AI score 5.9 · EPSS 0.00064
Exploits: 0 · References: 2
Positive Technologies
added 2026/01/23 12:0 a.m. · 2 views

PT-2026-4460

Name of the Vulnerable Software and Affected Versions: Stylish Cost Calculator versions through 8.1.8 Description: The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a potential Cross-site Scripting (XSS) issue. This specific instance allow...

CVSS 6.5 · AI score 5.4 · EPSS 0.00064
Exploits: 0 · References: 4
Cvelist
added 2026/01/22 4:51 p.m. · 15 views

CVE-2025-67944 WordPress Nelio AB Testing plugin <= 8.1.8 - Arbitrary Code Execution vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection. This issue affects Nelio AB Testing: from n/a through <= 8.1.8...

CVSS 9.1 · EPSS 0.00085
Exploits: 0 · References: 1
Positive Technologies
added 2026/01/22 12:0 a.m. · 1 views

PT-2026-4027

Name of the Vulnerable Software and Affected Versions: Nelio AB Testing versions through 8.1.8 Description: A code injection issue exists in Nelio AB Testing. The issue allows for improper control of code generation. Recommendations: Update Nelio AB Testing to a version later than 8.1.8...

AI score 5.4 · EPSS 0.00085
Exploits: 0 · References: 3
EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2023-40749

Malicious code in bioql PyPI...

CVSS 6.5 · AI score 6.6 · EPSS 0.00176
Exploits: 1 · References: 1
RedhatCVE
added 2025/05/23 4:8 a.m. · 5 views

CVE-2023-38702

Knowage is an open source analytics and business intelligence suite. Starting in the 6.x.x branch and prior to version 8.1.8, the endpoint /knowage/restful-services/dossier/importTemplateFile allows authenticated users to upload template file on the server, but does not need any authorization to ...

CVSS 9.9 · AI score 7.3 · EPSS 0.00306
Exploits: 1 · References: 1
OSV
added 2024/04/10 4:15 p.m. · 0 views

CVE-2024-31287

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Max Foundry Media Library Folders. This issue affects Media Library Folders: from n/a through 8.1.8...

CVSS 6.5 · AI score 5.8 · EPSS 0.00731
Exploits: 0 · References: 1
OSV
added 2023/10/17 7:15 a.m. · 1 views

DEBIAN-CVE-2023-41752

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Traffic Server. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.8, from 9.0.0 through 9.2.2. Users are recommended to upgrade to version 8.1.9 or 9.2.3, which fixes the issue...

CVSS 7.5 · AI score 7.2 · EPSS 0.00347
Exploits: 0 · References: 1
NVD
added 2023/08/04 7:15 p.m. · 10 views

CVE-2023-38702

Knowage is an open source analytics and business intelligence suite. Starting in the 6.x.x branch and prior to version 8.1.8, the endpoint /knowage/restful-services/dossier/importTemplateFile allows authenticated users to upload template file on the server, but does not need any authorization to ...

CVSS 9.9 · AI score 9.6 · EPSS 0.00306
Exploits: 1 · References: 1
Cvelist
added 2023/08/04 6:10 p.m. · 16 views

CVE-2023-38702 Knowage Server vulnerable to path traversal via upload functionality

Knowage is an open source analytics and business intelligence suite. Starting in the 6.x.x branch and prior to version 8.1.8, the endpoint /knowage/restful-services/dossier/importTemplateFile allows authenticated users to upload template file on the server, but does not need any authorization to ...

CVSS 9.9 · AI score 9.8 · EPSS 0.00306
Exploits: 1 · References: 1
Positive Technologies
added 2023/07/14 12:0 a.m. · 2 views

PT-2023-25984 · Knowage · Knowage

Name of the Vulnerable Software and Affected Versions: Knowage versions prior to 8.1.8 Description: Knowage is an open source suite for business analytics that uses user-supplied data to create HQL queries without prior sanitization. An attacker can create specially crafted HQL queries to break...

CVSS 7.7 · AI score 6.7 · EPSS 0.00098
Exploits: 1 · References: 4
NVD
added 2023/07/03 7:15 p.m. · 9 views

CVE-2023-36819

Knowage is the professional open source suite for modern business analytics over traditional sources and big data systems. The endpoint /knowage/restful-services/dossier/importTemplateFile allows authenticated users to download template hosted on the server. However, starting in the 6.x.x branch...

CVSS 6.5 · AI score 6.2 · EPSS 0.00176
Exploits: 1 · References: 1
Positive Technologies
added 2023/06/23 12:0 a.m. · 2 views

PT-2023-25172 · Knowage · Knowage

Name of the Vulnerable Software and Affected Versions: Knowage versions 6.0.0 through 8.1.7 Description: The issue allows an attacker to register and activate their account without having to click on the link included in the email, giving them access to the application as a normal user...

CVSS 7.2 · AI score 6.3 · EPSS 0.00315
Exploits: 0 · References: 5