CVE-2026-9581

A vulnerability was identified in JeecgBoot up to 3.9.1. The impacted element is an unknown function of the file /sys/comment/add. Such manipulation leads to improper access controls. The attack can be executed remotely. The exploit is publicly available and might be used. Upgrading to version...

ROOT-OS-DEBIAN-12-CVE-2016-9581 CVE-2016-9581 in rootio-openjpeg2 - Patched by Root

Root has patched CVE-2016-9581 in the rootio-openjpeg2 package for Root:Debian:12. Multiple fixed versions available...

CVE-2018-9581

In WiFi, the RSSI value and SSID information is broadcast as part of android.net.wifi.RSSICHANGE and android.net.wifi.STATECHANGE intents. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product:...

Linux Distros Unpatched Vulnerability : CVE-2016-9581

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An infinite loop vulnerability in tiftoimage that results in heap buffer overflow in convert32sC1P1 was found in openjpeg 2.1.2. CVE-2016-9581 Note that Nessus...

MAL-2025-9581 Malicious code in @tuan149/api-sunny (npm)

The package @tuan149/api-sunny was found to contain malicious code...

RockyLinux 8 : kernel-rt (RLSA-2025:9581)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2025:9581 advisory. kernel: cifs: fix double free race when mount fails in cifsgetroot CVE-2022-48919 kernel: security/keys: fix slab-out-of-bounds in keytaskpermission...

CVE-2020-9581

Magento versions 2.3.4 and earlier, 2.2.11 and earlier see note, 1.14.4.4 and earlier, and 1.9.4.4 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure...

CVE-2024-9581

The Shortcodes AnyWhere plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

CVE-2024-9581

creationtimestamp| type| source ---|---|--- 2024-10-10 05:02:31+00:00| seen| https://t.me/cvedetector/7548...

CVE-2024-9581

The Shortcodes AnyWhere plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

CVE-2024-9581

The Shortcodes AnyWhere plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

CVE-2024-9581 Shortcodes AnyWhere <= 1.0.1 - Unauthenticated Arbitrary Shortcode Execution

The Shortcodes AnyWhere plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.0.1. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. This makes it possible for...

CVE-2024-9581

CVE-2024-9581 affects the WordPress plugin Shortcodes AnyWhere. The vulnerability is an unauthenticated arbitrary shortcode execution via do_shortcode due to improper value validation in all versions up to 1.0.1. Connected sources confirm this as an active issue (unpatched in Wordfence/NVD entrie...

WordPress Shortcodes AnyWhere Plugin <= 1.0.1 is vulnerable to Content Injection

Software Shortcodes AnyWhere Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Content Injection CVE CVE-2024-9581 Patch priority Medium CVSS severity Medium 7.3 Developer Claim ownership PSID 9c5d59c3c6ea Credits Francesco Carlucci Required privilege...

BELL-CVE-2016-9581 CVE-2016-9581 does not affect BellSoft software

Bulletin has no description...

Booked Scheduler 2.7.5 - Remote Command Execution Exploit

Exploit Title: Booked Scheduler 2.7.5 - Remote Command Execution RCE Authenticated Vulnerability founder: AkkuS Exploit Author: 0sunday Vendor Homepage: https://www.bookedscheduler.com/ Software Link: N/A Version: Booked Scheduler 2.7.5 Tester on: Kali 2021.2 CVE: CVE-2019-9581 !/usr/bin/python3...

Booked Scheduler 2.7.5 Shell Upload

Exploit Title: Booked Scheduler 2.7.5 - Remote Command Execution RCE Authenticated Vulnerability founder: AkkuS Date: 13/12/2021 Exploit Author: 0sunday Vendor Homepage: https://www.bookedscheduler.com/ Software Link: N/A Version: Booked Scheduler 2.7.5 Tester on: Kali 2021.2 CVE: CVE-2019-9581...

CVE-2020-9581

CVE-2020-9581 affects Magento: versions 2.3.4 and earlier, 2.2.11 and earlier, 1.14.4.4 and earlier, and 1.9.4.4 and earlier. The issue is a stored cross-site scripting (XSS) vulnerability that could allow an attacker to disclose sensitive information upon successful exploitation. Multiple connec...

CVE-2018-9581

CVE-2018-9581 describes an information-disclosure flaw in Android where WiFi RSSI (and SSID) data are broadcast via intents (android.net.wifi.RSSI_CHANGE and android.net.wifi.STATE_CHANGE). This cross-process leakage can allow any on-device app to observe a user’s proximity/location context witho...

CVE-2019-9581

phpscheduleit Booked Scheduler 2.7.5 allows arbitrary file upload via the Favicon field, leading to execution of arbitrary Web/custom-favicon.php PHP code, because Presenters/Admin/ManageThemePresenter.php does not ensure an image file extension...