15 matches found
EUVD-2026-20364
Missing Authorization vulnerability in MWP Development Diet Calorie Calculator diet-calorie-calculator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Diet Calorie Calculator: from n/a through = 1.1.1...
CVE-2026-35176 openFPGALoader has a heap buffer overflow in POFParser::parseSection() via crafted .pof file
openFPGALoader is a utility for programming FPGAs. In 1.1.1 and earlier, a heap-buffer-overflow read vulnerability exists in POFParser::parseSection that allows out-of-bounds heap memory access when parsing a crafted .pof file. No FPGA hardware is required to trigger this vulnerability...
PT-2026-1628
Name of the Vulnerable Software and Affected Versions Stumble! for WordPress plugin versions up to and including 1.1.1 Description The Stumble! for WordPress plugin is susceptible to Reflected Cross-Site Scripting. This is due to insufficient input sanitization and output escaping of the $...
CVE-2025-62900 WordPress Popular Posts by Webline plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WeblineIndia Popular Posts by Webline popular-posts-by-webline allows Stored XSS.This issue affects Popular Posts by Webline: from n/a through = 1.1.1...
CVE-2025-49044
Cross-Site Request Forgery CSRF vulnerability in tosend.it Simple Poll simple-poll allows Stored XSS.This issue affects Simple Poll: from n/a through = 1.1.1...
PT-2025-15931 · Unknown · Aaronfrey Nearby Locations
Name of the Vulnerable Software and Affected Versions: aaronfrey Nearby Locations versions n/a through 1.1.1 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
CVE-2025-30922
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in simplebooklet Simplebooklet PDF Viewer and Embedder simplebooklet allows Stored XSS.This issue affects Simplebooklet PDF Viewer and Embedder: from n/a through = 1.1.1...
PT-2024-30817 · Themeum · Themeum Droip
Name of the Vulnerable Software and Affected Versions: Themeum Droip versions 1.1.1 and earlier Description: The issue affects Themeum Droip, allowing file manipulation due to improper limitation of a pathname to a restricted directory. This is a Path Traversal vulnerability, enabling unauthorize...
CVE-2024-37419
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Codeless Cowidgets – Elementor Addons allows Path Traversal.This issue affects Cowidgets – Elementor Addons: from n/a through 1.1.1...
PT-2024-24803 · Olive Themes · Olive One Click Demo Import
Name of the Vulnerable Software and Affected Versions: Olive One Click Demo Import versions 1.1.1 and earlier Description: The issue is related to a Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import. Recommendations: For Olive One Click Demo Import versions 1.1.1 and...
PT-2023-24950 · Sojo · Sojo
Name of the Vulnerable Software and Affected Versions: sojo versions 1.1.1 and earlier Description: An issue allows attackers to cause a denial of service or other unspecified impacts via a crafted object that uses cyclic dependencies. Recommendations: For sojo versions 1.1.1 and earlier, at the...
PT-2022-23368 · Osu Open Source · Vncauthproxy
Name of the Vulnerable Software and Affected Versions: OSU Open Source Lab VNCAuthProxy versions 1.1.1 and earlier Description: The issue is an authentication-bypass vulnerability in the VNCServerAuthenticator, located in vncap/vnc/protocol.py, which could allow a malicious actor to gain...
AZL-6779 CVE-2021-3711 affecting package openssl for versions less than 1.1.1k-11
In order to decrypt SM2 encrypted data an application is expected to call the API function EVPPKEYdecrypt. Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size...
Rust Resource Management Error Vulnerability
Rust is a general-purpose, compiled programming language from the Mozilla Foundation. A security vulnerability exists in Rust ordered-float crate before 1.1.1 and 2.x before 2.0.1, which stems from the fact that NotNan values can contain NaN...
PT-2002-2563 · Nola · Nola
Name of the Vulnerable Software and Affected Versions: NOLA versions 1.1.1 through 1.1.2 Description: The document management module does not restrict the types of files that are uploaded, allowing remote attackers to upload and execute arbitrary PHP files with extensions such as .php4...