1306 matches found
PT-2025-41927
Name of the Vulnerable Software and Affected Versions: Ivanti EPMM versions prior to 12.6.0.2; Ivanti EPMM versions prior to 12.5.0.4; Ivanti EPMM versions prior to 12.4.0.4. Description: A flaw exists in the admin panel of Ivanti EPMM that allows a remote authenticated attacker with admin privileges ...
PT-2025-41928
Name of the Vulnerable Software and Affected Versions: Ivanti EPMM versions prior to 12.6.0.2; Ivanti EPMM versions prior to 12.5.0.4; Ivanti EPMM versions prior to 12.4.0.4. Description: A critical operating system command injection flaw exists in the admin panel of Ivanti EPMM. This allows a remote,...
CVE-2025-10048 My Auctions Allegro Plugin <= 3.6.31 - Authenticated (Admin+) SQL Injection
The My auctions allegro plugin for WordPress is vulnerable to SQL Injection via the 'order' parameter in all versions up to, and including, 3.6.31 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2025-60880
An authenticated stored XSS vulnerability exists in the Bagisto 2.3.6 admin panel's product creation path, allowing an attacker to upload a crafted SVG file containing malicious JavaScript code. This vulnerability can be exploited by an authenticated admin user to execute arbitrary JavaScript in...
GHSA-29MF-W486-V3VC Bagisto is vulnerable to XSS through Admin Panel's product creation path
An authenticated stored XSS vulnerability exists in the Bagisto 2.3.6 admin panel's product creation path, allowing an attacker to upload a crafted SVG file containing malicious JavaScript code. This vulnerability can be exploited by an authenticated admin user to execute arbitrary JavaScript in...
CVE-2025-4615
An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands. The security risk posed by this issue is significantly minimized when CLI...
CVE-2025-60880
Bagisto 2.3.6 admin panel product creation path is affected by an authenticated stored XSS via a crafted SVG file containing JavaScript. Exploitation requires an authenticated admin and can lead to in-browser arbitrary JS execution, with potential session hijacking or data theft. Affected compone...
PT-2025-41223
Name of the Vulnerable Software and Affected Versions: RegistrationMagic – Custom Registration Forms, User Registration, Payment, and User Login plugin for WordPress versions through 6.0.6.2. Description: The RegistrationMagic plugin for WordPress is susceptible to SQL Injection due to inadequate...
EUVD-2019-17563
Malware in sbrugna...
EUVD-2019-0726
Malware in sbrugna...
EUVD-2019-17548
Malware in sbrugna...
EUVD-2020-3844
Malware in sbrugna...
EUVD-2020-8571
Malware in sbrugna...
EUVD-2021-16285
Malware in sbrugna...
EUVD-2020-26952
Malware in sbrugna...
EUVD-2020-16931
Malware in sbrugna...
EUVD-2017-16368
Malware in sbrugna...
EUVD-2021-26397
Malware in sbrugna...