16 matches found
PT-2025-24532 · Unknown · Unfoldwp Blogvy
Name of the Vulnerable Software and Affected Versions: Unfoldwp Blogvy versions 1.0.0 through 1.0.7 Description: The issue is related to improper control of filename for include/require statement in PHP programs, also known as 'PHP Remote File Inclusion'. This allows PHP Local File Inclusion...
PT-2025-23903 · Radare2 · Radare2
Name of the Vulnerable Software and Affected Versions: Radare2 version 5.9.9 Description: A problematic vulnerability was found in Radare2, affecting the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory...
CVE-2024-34701
CreateWiki is Miraheze's MediaWiki extension for requesting & creating wikis. It is possible for users to be considered as the requester of a specific wiki request if their local user ID on any wiki in a wiki farm matches the local ID of the requester at the wiki where the wiki request was made...
PT-2025-20423 · Unknown · Grocery-Cms-Php-Restful-Api
Name of the Vulnerable Software and Affected Versions: Grocery-CMS-PHP-Restful-API version 1.3 Description: The issue concerns a file upload vulnerability via the "/admin/add-category.php" API endpoint. This allows for potential malicious file uploads. Recommendations: For...
PT-2025-17736 · Unknown · Online Class/Exam Scheduling System
Name of the Vulnerable Software and Affected Versions: Online Class and Exam Scheduling System version 1.0 Description: A vulnerability has been discovered in the code, affecting some unknown features in the file /Scheduling/pages/class_sched.php. Manipulating the class parameter can lead to...
PT-2025-17565 · Unknown · Sacco Management System
Name of the Vulnerable Software and Affected Versions: Sacco Management system version 1.0 Description: The issue is related to a SQL injection vulnerability. It can be exploited via the password parameter at the "/sacco/ajax.php" API endpoint. Recommendations: For Sacco Management system version...
PT-2025-22293 · Unknown · Fw-Wgs-804Hpt
Name of the Vulnerable Software and Affected Versions: FW-WGS-804HPT version 1.305b241111 Description: A stack overflow issue was discovered via the host_ip parameter in the web_snmp_notifyv3_add_post function. Recommendations: For FW-WGS-804HPT version 1.305b241111, consider restricting access t...
PT-2025-17337 · Seclore · Seclore
Name of the Vulnerable Software and Affected Versions: Seclore version 3.27.5.0 Description: An issue in the login page of Seclore allows attackers to bypass authentication via a brute force attack. Recommendations: For version 3.27.5.0, consider temporarily restricting access to the login page...
PT-2025-9192 · Zj1983 Zz · Zj1983 Zz
Name of the Vulnerable Software and Affected Versions: zj1983 zz up to 2024-8 Description: A critical vulnerability has been found in the function getOaWid of the file src/main/java/com/futvan/z/system/zworkflow/ZworkflowAction.java. The manipulation of the argument tableId leads to SQL injection...
PT-2025-28387 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions prior to 15 Description: The issue is related to an out-of-bounds read in the decoding frame header in libsavsvc.so. This allows local attackers to cause memory corruption. Recommendations: For Android versions prior to 15,...
PT-2023-30008 · Totolink · Totolink X6000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X6000R version 9.4.0cu.652 B20230116 Description: A command execution issue was discovered via the sub_416F60 function, allowing for potential exploitation. Recommendations: For TOTOLINK X6000R version 9.4.0cu.652 B20230116, consider...
PT-2022-26249 · Unknown · Klik Socialmediawebsite
Name of the Vulnerable Software and Affected Versions: KLiK SocialMediaWebsite version v1.0.1 Description: The issue concerns SQL Injection via the profile.php file. Recommendations: For version v1.0.1, consider restricting access to the profile.php file until a patch is available. Avoid using...
PT-2022-26716 · Bento4 · Bento4
Name of the Vulnerable Software and Affected Versions: Bento4 version 1.6.0-639 Description: A memory leak issue was discovered in the AP4_DescriptorFactory::CreateDescriptorFromStream function located in Core/Ap4DescriptorFactory.cpp. This issue is demonstrated by the mp42aac tool...
PT-2022-26097 · Bento4 · Bento4
Name of the Vulnerable Software and Affected Versions: Bento4 version 1.6.0-639 Description: A memory leak issue exists in the AP4_StdcFileByteStream::Create function, specifically in the System/StdC/Ap4StdCFileByteStream.cpp file. This issue can lead to memory exhaustion if exploited...
PT-2022-12336 · Tcpreplay +2 · Tcpreplay +2
Name of the Vulnerable Software and Affected Versions: tcpreplay version 4.3.4 Description: The issue is related to a Reachable Assertion in the add_tree_ipv6 function at tree.c. Recommendations: For tcpreplay version 4.3.4, consider restricting access to the add_tree_ipv6 function until a patch ...
PT-2021-7496 · Mariadb +10 · Mariadb Server +10
Name of the Vulnerable Software and Affected Versions: MariaDB Server versions prior to 10.6 Description: The issue is related to the component Item_subselect::init_expr_cache_tracker in MariaDB Server, which fails to protect the SQL query structure. This allows a remote attacker to cause a Denia...