EUVD-2021-26463

Malware in sbrugna...

EUVD-2019-12104

Malware in sbrugna...

EUVD-2024-43359

Malicious code in bioql PyPI...

CVE-2024-49293

Missing Authorization vulnerability in Rextheme WP VR allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP VR: from n/a through 8.5.4...

WordPress WP VR plugin <= 8.5.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc Patchstack Alliance in WordPress Plugin WP VR versions = 8.5.4...

CVE-2024-6072

The wp-cart-for-digital-products WordPress plugin before 8.5.5 does not escape the $SERVER'REQUESTURI' parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers...

PT-2024-14056 · Zkteco · Zkteco Biotime

Name of the Vulnerable Software and Affected Versions: ZKTeco BioTime versions 8.5.4 and earlier Description: An issue in the software allows a remote attacker to obtain sensitive information. Recommendations: For ZKTeco BioTime versions 8.5.4 and earlier, update to a version later than 8.5.4 to...

CVE-2023-50166

Pega Platform from 8.5.4 to 8.8.3 is affected by an XSS issue with an unauthenticated user and the redirect parameter...

CVE-2023-50166

Pega Platform versions 8.5.4–8.8.3 are affected by an input validation XSS vulnerability triggered by a redirect parameter, exploitable by an unauthenticated user. Affected component/area: Pega Platform runtime handling of redirect parameters. Reported impact is cross-site scripting with potentia...

PT-2024-13873 · Pegasystems · Pega Platform

Name of the Vulnerable Software and Affected Versions: Pega Platform versions 8.5.4 through 8.8.3 Description: The issue is an XSS problem that can be exploited by an unauthenticated user, utilizing the redirect parameter. Recommendations: For versions 8.5.4 through 8.8.3, consider restricting...

CVE-2023-34988

A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted HTTP get request parameters...

CVE-2023-36549

A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters...

CVE-2023-34986

A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted HTTP get request parameters...

CVE-2023-34989

A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted HTTP get request parameters...

CVE-2023-34985

A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted HTTP get request parameters...

PT-2023-6020 · Fortinet · Fortiwlm

Name of the Vulnerable Software and Affected Versions: Fortinet FortiWLM versions 8.5.0 through 8.5.4 Fortinet FortiWLM versions 8.6.0 through 8.6.5 Description: The issue is related to an improper neutralization of special elements used in an OS command, also known as 'OS command injection'. Thi...

PT-2023-6021 · Fortinet · Fortiwlm

Name of the Vulnerable Software and Affected Versions: FortiWLM versions 8.5.0 through 8.5.4 FortiWLM versions 8.6.0 through 8.6.5 Description: The issue is related to an improper neutralization of special elements used in an OS command, also known as 'os command injection'. This allows an attack...

PT-2023-6087 · Fortinet · Fortiwlm

Name of the Vulnerable Software and Affected Versions: Fortinet FortiWLM versions 8.5.0 through 8.5.4 Fortinet FortiWLM versions 8.6.0 through 8.6.5 Description: The issue is related to an improper neutralization of special elements used in an OS command, also known as 'OS command injection'. Thi...

PT-2023-6145 · Fortinet · Fortiwlm

Name of the Vulnerable Software and Affected Versions: Fortinet FortiWLM versions 8.5.0 through 8.5.4 Fortinet FortiWLM versions 8.6.0 through 8.6.5 Description: The issue exists due to improper neutralization of special elements used in an operating system command, allowing for os command...

PT-2023-7509 · Atlassian +1 · Confluence +1

Name of the Vulnerable Software and Affected Versions: Apache Struts versions prior to 2.5.32 Apache Struts versions prior to 6.1.2.2 Apache Struts versions prior to 6.3.0.1 Confluence Data Center versions from 7.17.0 to 8.8.0 excluding 8.8.0 Confluence Data Center versions from 8.0.0 to 8.0.4...