1233 matches found
CVE-2021-26570
The Baseboard Management Controller BMC firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webifcsetadconfig function...
CVE-2021-25170
The Baseboard Management Controller BMC firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so websetremoteimageinfo function...
CVE-2021-25172
The Baseboard Management Controller BMC firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a command injection vulnerability in libifc.so websetdefaultlangcfg function...
CVE-2021-39880
A Denial Of Service vulnerability in the apollouploadserver Ruby gem in GitLab CE/EE all versions starting from 11.9 before 14.0.9, all versions starting from 14.1 before 14.1.4, and all versions starting from 14.2 before 14.2.2 allows an attacker to deny access to all users via specially crafted...
CVE-2019-13234
In the Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5, there is XSS in the search engine...
CVE-2015-10043
A vulnerability, which was classified as critical, was found in abreen Apollo. This affects an unknown part. The manipulation of the argument file leads to path traversal. The patch is named 6206406630780bbd074aff34f4683fb764faba71. It is recommended to apply a patch to fix this issue. The...
CVE-2019-13235
In the Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5, there is XSS in the Login form...
CVE-2019-10686
An SSRF vulnerability was found in an API from Ctrip Apollo through 1.4.0-SNAPSHOT. An attacker may use it to do an intranet port scan or raise a GET request via /system-info/health because the %23 substring is mishandled...
CVE-2013-0728
Multiple stack-based buffer overflows in NCSAddOn.dll in the ERDAS APOLLO ECWP plugin before 13.00.0001 for Internet Explorer, Firefox, and Chrome allow remote attackers to execute arbitrary code via a long property value...
CVE-2025-32245
Cross-Site Request Forgery CSRF vulnerability in Chaser324 Featured Posts Scroll featured-posts-scroll allows Stored XSS.This issue affects Featured Posts Scroll: from n/a through = 1.25...
CVE-2025-32245
Cross-Site Request Forgery CSRF vulnerability in Chaser324 Featured Posts Scroll featured-posts-scroll allows Stored XSS.This issue affects Featured Posts Scroll: from n/a through = 1.25...
CVE-2025-32245
CVE-2025-32245 covers a SQL Injection in the WordPress Apollo plugin (
CVE-2025-32245 WordPress Apollo <= 3.6.3 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup Apollo allows SQL Injection. This issue affects Apollo: from n/a through 3.6.3...
CVE-2025-32245
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LambertGroup Apollo allows SQL Injection. This issue affects Apollo: from n/a through 3.6.3...
CVE-2025-32245 WordPress Featured Posts Scroll plugin <= 1.25 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Chaser324 Featured Posts Scroll featured-posts-scroll allows Stored XSS.This issue affects Featured Posts Scroll: from n/a through = 1.25...
WordPress Apollo plugin <= 3.6.3 - SQL Injection Vulnerability
SQL Injection Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Plugin Apollo versions = 3.6.3...
PT-2025-21685 · Lambertgroup · Lambertgroup Apollo
Name of the Vulnerable Software and Affected Versions: LambertGroup Apollo versions through 3.6.3 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. To mitigate the...
WordPress plugin Apollo SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...
ApolloTheme AP Page Builder 路径遍历漏洞
ApolloTheme AP Page Builder is a plugin from ApolloTheme, Inc. A path traversal vulnerability exists in ApolloTheme AP Page Builder versions prior to 4.0.0, which stems from an unauthenticated remote user being able to modify the productitempath in the config JSON file, which could result in...
GMOD Apollo Missing Authentication For Critical Function (CVE-2025-24924)
Binary data gmodapollocve-2025-24924.nbin...