17 matches found

EUVD
added 2026/05/15 7:46 a.m. · 4 views

EUVD-2026-30518

The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'table' parameter in all versions up to, and including, 9.1.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

CVSS 4.9 · AI score 5.9 · EPSS 0.00053
Exploits 0 · References 11

ATTACKERKB
added 2026/05/15 7:46 a.m. · 3 views

CVE-2026-7046

The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'table' parameter in all versions up to, and including, 9.1.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

CVSS 4.9 · AI score 5.9 · EPSS 0.00053
Exploits 0 · References 12

IBM Security Bulletins
added 2026/05/05 12:45 p.m. · 4 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses github.com/jackc/pgproto3/v2-v2.3.3 which is vulnerable to CVE-2026-4427

Summary: IBM Maximo Application Suite - Visual Inspection component uses github.com/jackc/pgproto3/v2-v2.3.3 which is vulnerable to CVE-2026-4427. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details: CVEID: CVE-2026-4427 DESCRIPTION: Rejected...

AI score 6.4 · EPSS 0.00086
Exploits 0 · Affected Software 1

IBM Security Bulletins
added 2026/05/05 9:43 a.m. · 3 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses pyasn1 which is vulnerable to CVE-2026-30922

Summary: IBM Maximo Application Suite - Visual Inspection component uses pyasn1 which is vulnerable to CVE-2026-30922. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details: CVEID: CVE-2026-30922 DESCRIPTION: pyasn1 is a generic ASN.1 library for...

CVSS 7.5 · AI score 5.8 · EPSS 0.00027
Exploits 1 · Affected Software 1

IBM Security Bulletins
added 2026/05/05 9:41 a.m. · 3 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses logback-core-1.5.21.jar which is vulnerable to CVE-2026-1225

Summary: IBM Maximo Application Suite - Visual Inspection component uses logback-core-1.5.21.jar which is vulnerable to CVE-2026-1225. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details: CVEID: CVE-2026-1225 DESCRIPTION: ACE vulnerability in...

CVSS 1.8 · AI score 5.7 · EPSS 0.00014
Exploits 0 · Affected Software 1

IBM Security Bulletins
added 2026/05/05 8:39 a.m. · 5 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses filelock which is vulnerable to CVE-2026-22701

Summary: IBM Maximo Application Suite - Visual Inspection component uses filelock which is vulnerable to CVE-2026-22701. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details: CVEID: CVE-2026-22701 DESCRIPTION: filelock is a platform-independent fi...

CVSS 5.3 · AI score 7 · EPSS 0.00006
Exploits 0 · Affected Software 1

IBM Security Bulletins
added 2026/05/05 8:38 a.m. · 4 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses filelock which is vulnerable to CVE-2026-22701

Summary: IBM Maximo Application Suite - Visual Inspection component uses filelock which is vulnerable to CVE-2026-22701. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details: CVEID: CVE-2026-22701 DESCRIPTION: filelock is a platform-independent fi...

CVSS 5.3 · AI score 7 · EPSS 0.00006
Exploits 0 · Affected Software 1

IBM Security Bulletins
added 2026/05/05 8:38 a.m. · 3 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses Werkzeug which is vulnerable to CVE-2026-27199

Summary: IBM Maximo Application Suite - Visual Inspection component uses Werkzeug which is vulnerable to CVE-2026-27199. This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details: CVEID: CVE-2026-27199 DESCRIPTION: Werkzeug is a comprehensive WSGI web...

CVSS 6.3 · AI score 5.7 · EPSS 0.00027
Exploits 1 · Affected Software 1

CNNVD
added 2024/05/14 12:0 a.m. · 3 views

HCL Technologies HCL Commerce security vulnerability

HCL Technologies HCL Commerce is a software platform framework for e-commerce from HCL Technologies, USA. The software includes marketing, sales, customer and order processing functionality in a customizable and integrated package. It is a unified platform that provides the ability to conduct...

CVSS 7.1 · AI score 6.6 · EPSS 0.00168
Exploits 0 · References 2

Vulnrichment
added 2024/05/13 9:28 p.m. · 13 views

CVE-2024-23576 HCL Commerce is potentially affected by a denial of service and information disclosure vulnerability

Security vulnerability in HCL Commerce 9.1.12 and 9.1.13 could allow denial of service, disclosure of user personal data, and performing of unauthorized administrative operations...

CVSS 7.1 · AI score 7 · EPSS 0.00168
Exploits 0 · References 1

Positive Technologies
added 2024/05/13 12:0 a.m. · 3 views

PT-2024-19944 · Hcl · Hcl Commerce

Name of the Vulnerable Software and Affected Versions: HCL Commerce versions 9.1.12 through 9.1.13 Description: The issue allows for denial of service, disclosure of user personal data, and performing of unauthorized administrative operations. Recommendations: For versions 9.1.12 and 9.1.13, at t...

CVSS 7.1 · AI score 7.2 · EPSS 0.00168
Exploits 0 · References 5

NCSC
added 2021/08/13 12:0 a.m. · 1 views

Vulnerability fixed in Drupal

A vulnerability has been fixed in Drupal. A malicious party can exploit the vulnerability to perform a Cross-Site Scripting (XSS) attack. Such an attack can lead to the execution of arbitrary script code in the browser used to visit the application. The vulnerability is located in the...

AI score 6.8
Exploits 0

CNVD
added 2016/12/06 12:0 a.m. · 1 views

Disk Sorter Enterprise Buffer Overflow Vulnerability

Disk Sorter Enterprise is a simple and easy-to-use multiple file classification and disk space analysis tool with DiskSorter's built-in file management operations and user-defined profiles. A buffer overflow vulnerability exists in Disk Sorter Enterprise version 9.1.12, which can be exploited by ...

AI score 8
Exploits 0 · References 1

0day.today
added 2016/11/28 12:0 a.m. · 19 views

Disk Sorter Enterprise 9.1.12 - Buffer Overflow Exploit

Exploit for windows platform in category remote exploits !/usr/bin/python print "Disk Sorter Enterprise 9.1.12 Login Buffer Overflow" print "Author: Tulpa / tulpaattulpa-securitydotcom" Author website: www.tulpa-security.com Author twitter: @tulpasecurity Exploit will land you NT AUTHORITY\SYSTEM...

Exploits 0

Prion
added 2014/03/31 2:58 p.m. · 32 views

Null pointer dereference

The chkpass extension in PostgreSQL before 8.4.20, 9.0.x before 9.0.16, 9.1.x before 9.1.12, 9.2.x before 9.2.7, and 9.3.x before 9.3.3 does not properly check the return value of the crypt library function, which allows remote authenticated users to cause a denial of service NULL pointer...

CVSS 4 · AI score 6.5 · EPSS 0.01472
Exploits 2 · References 16 · Affected Software 1

seebug.org
added 2014/02/25 12:0 a.m. · 215 views

PostgreSQL remote denial-of-service vulnerability

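BUGTRAQ ID: 65728 CVECAN ID: CVE-2014-0066 PostgreSQL is an advanced object-relational database management system that supports an extended subset of the SQL standard. The chkpass extension in PostgreSQL versions before 9.3.3, 9.2.7, 9.1.12, 9.0.16, and 8.4.20 does not check the result of the call to crypt; an authenticated database user can trigger this vulnerability to crash PostgreSQL. 0 PostgreSQL PostgreSQL 8.x Vendor patch: PostgreSQL ---------- The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's home page:...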

CVSS 4 · EPSS 0.01472
Exploits 2

seebug.org
added 2012/12/17 12:0 a.m. · 15 views

phpcms 9.1.12 phpcms-modules-attachment-attachment.php SQL injection

No description provided by source...

AI score 7.1
Exploits 0