10 matches found
CVE-2026-8403
Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Eksagate Electronic Engineering and Computer Industry Trade Inc. SYSGUARD 6001 allows Stored XSS. This issue affects SYSGUARD 6001: from 2.0.2 before 6.1.4.0. NOTE: The vendor was contacted and it...
CVE-2026-4513 vanna-ai vanna base.py ask sql injection
A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function ask of the file vanna\legacy\base\base.py. Performing a manipulation results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. T...
PT-2026-1574
Name of the Vulnerable Software and Affected Versions iPaymu Payment Gateway for WooCommerce plugin for WordPress versions up to and including 2.0.2 Description The iPaymu Payment Gateway for WooCommerce plugin for WordPress is susceptible to missing authentication. This occurs because the plugin...
PT-2025-38822
Name of the Vulnerable Software and Affected Versions WPFactory Helpdesk Support Ticket System for WooCommerce versions through 2.0.2 Description The software contains a flaw related to missing authorization, allowing exploitation of incorrectly configured access control security levels...
Linux Distros Unpatched Vulnerability : CVE-2022-30321
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - go-getter up to 1.5.11 and 2.0.2 allowed arbitrary host access via go-getter path traversal, symlink processing, and command injection flaws. Fixed in 1.6.1 and...
WordPress Easy restaurant menu manager plugin <= 2.0.2 - Cross-Site Request Forgery to Menu Upload vulnerability
Cross-Site Request Forgery to Menu Upload vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Easy pdf restaurant menu upload versions = 2.0.2...
CVE-2025-32626
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in JoomSky JS Job Manager js-jobs allows SQL Injection.This issue affects JS Job Manager: from n/a through = 2.0.2...
08cms (=1.0.0), @artdotstyle/filepix (>=1.0.10 <=1.0.11) +427 more potentially affected by CVE-2024-21523 via images (>=2.0.2 <=3.2.4)
images NPM version =2.0.2, =1.0.10, =1.1.2, =0.0.1, =0.1.0, =1.0.1, =1.4.0, =1.1.2, =1.1.8, =0.4.0, =0.6.2 and more Source cves: CVE-2024-21523 Source advisory: SNYK:JS-IMAGES-6421826...
PT-2023-32944 · Unknown · Govuk Tech Docs
Name of the Vulnerable Software and Affected Versions: govuk tech docs versions from 2.0.2 to before 3.3.1 Description: The issue is a cross-site scripting vulnerability. Malicious JavaScript may be executed in the user's browser if a malicious search result is displayed on the search page. Pages...
@depup/strapi (=2.0.2-depup.0), @jayway/tds (=0.0.1) +25 more potentially affected by CVE-2022-27263 via strapi (>=2.0.2 <=3.6.8)
strapi NPM version =2.0.2, =0.0.0, =0.0.1, =0.0.34, =1.1.0, =1.0.0, =3.6.1-0.1, =2.0.0, =2.0.2 - strapi-editorjs =0.0.1 and more Source cves: CVE-2022-27263 Source advisory: OSV:GHSA-9QGM-W87Q-HX89...