CVE-2026-48906

The vulnerability in the Tassos Framework Plugin allows users to delete arbitrary files on the affected sites...

CVE-2026-48906

The vulnerability in the Tassos Framework Plugin allows users to delete arbitrary files on the affected sites...

CVE-2026-48906

The vulnerability in the Tassos Framework Plugin allows users to delete arbitrary files on the affected sites...

PT-2026-43681

Name of the Vulnerable Software and Affected Versions Tassos Framework versions prior to 6.1.0 Description A flaw in the Tassos Framework Plugin enables users to perform arbitrary file deletion on affected sites. Arbitrary file deletion is a condition where an attacker can delete any file on the...

PT-2024-37804 · WordPress · Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Popular WordPress Plugin affected versions not specified Description: The issue allows an attacker to gain administrative access without having an account on the targeted site, enabling them to perform unauthorized actions. This is caused by...

BitTorrent API Cross-Site Scripting Vulnerability

BitTorrent is a set of peer-to-peer file uploading and downloading software based on the BitTorrent protocol from the American company BitTorrent. A cross-site scripting vulnerability exists in BitTorrent. An attacker can exploit this vulnerability to execute arbitrary script code in the browser ...

TYPO3 Backend Subcomponent Cross-Site Scripting Vulnerability

TYPO3 is a free and open source content management system maintained by the Swiss TYPO3 Association. A cross-site scripting vulnerability exists in TYPO3 Backend Subcomponent. Because the program fails to properly filter user-supplied input, an attacker may be able to exploit the vulnerability to...

CVE-2 0 1 6-0 7 0 3 OpenSSL DROWN vulnerability security notification-vulnerability warning-the black bar safety net

In OpenSSL official yesterday released the security Bulletin, discloses a new high-risk vulnerabilities“DROWN”the drowned vulnerability,。 Through this vulnerability, an attacker can initiate a“man in the middle hijacking attack”to steal is HTTPS encrypted session content, including Yahoo!, Alibab...

Tienda Online CMS Cross Site Scripting

+=============================================================================================+ + Software Gestión GESIO & XSS & Allow Execute Evil Remote Code + +=============================================================================================+ Authors: Ivan Sanchez & Raul Diaz...

Georgia Tech SQL Injection

Georgia Tech Multiple SQL Injection Vulnerabilities ..,--....,'. .b--. /; .. \ \ . ,. =,-,-' ----,..'--,..'-.;.' Disclosure by: cats Domain: gatech.edu 1 Description 2 Extracted sample data 3 Vulnerabilities and details 1 Description A large amount of vulnerabilities have been found in just about...

Translucid 1.75 XSS / HTML Injection

transLucid - Cross Site Scripting and HTML Injection Vulnerabilities Version Affected: 1.75 newest Info: transLucidonline is the easy website publishing system with which anyone can create and maintain web content, in multiple languages and based on a growing list of ready-made, professional...

AMember 3.1.7 (XSS/SQL/HI) Multiple Remote Vulnerabilities

No description provided by source. AMember - Multiple Vulnerabilities Version Affected: 3.1.7 Apr-10-2009 newest Info: aMember is a flexible membership and subscription management PHP script. It has support for PayPal, BeanStream, 2Checkout, NoChex, VeriSign PayFlow, Authorize.Net, PaySystems,...

XSS-Cookie-Advisory.txt

------------------------------------------------------- XSS/Cookie problems at major webmail sites Advisory ------------------------------------------------------- XSS/Cookie problems at major webmail sites 13/11/02 - by "N|ghtHawk" Thijs Bosschert nighthawkathackers4hackers.org...

CGIscript.net - csSearch.cgi - Remote Code Execution (up to 17,000 sites vulnerable)

CGIscript.net - csSearch.cgi - Remote Code Execution up to 17,000 sites vulnerable --------------------------------------------------------------------- Name : csSearch.cgi - Remote Code Execution Date : March 25, 2002 Product : csSearch Version : 2.3 vulnerable Vuln Type : Access Validation Erro...

Black Watch Labs Vulnerability Alert

Dear Security Professional, The following vulnerability: "Environment and Setup Variables Can Be Viewed Through DBMan db.cgi Script" is in the text of the message below and has just been posted to the Black Watch Labs Web site at http://www.perfectotech.com/blackwatchlabs/ Thank you, Black Watch...