CVE-2026-5166
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center allows Path Traversal. This issue affects Pardus Software Center: before 0.6.4...
CVE-2026-5166 Path Traversal in TUBITAK BILGEM's Pardus Software Center
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center allows Path Traversal. This issue affects Pardus Software Center: before 1.0.3...
CVE-2026-5166 Path Traversal in TUBITAK BILGEM's Pardus Software Center
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center allows Path Traversal. This issue affects Pardus Software Center: before 0.6.4...
CVE-2026-5166
CVE-2026-5166 describes a path traversal vulnerability in TUBITAK BILGEM’s Pardus Software Center. The issue affects Pardus Software Center prior to 1.0.3 and stems from improper limitation of a pathname to a restricted directory. Per the provided metrics, the CVSSv3.1 base score is 9.6 (CRITICAL...
CVE-2026-5141
Improper Privilege Management, Improper Access Control, Incorrect privilege assignment vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center allows Hijacking a privileged process. This issue affects Pardus Software Center: from 1.0.2 before 1.0.3...
TÜBİTAK BİLGEM Pardus Software Center Path Traversal Vulnerability
TÜBİTAK BİLGEM Pardus Software Center is an application store platform provided by TÜBİTAK BİLGEM in Turkey, which offers functions for software browsing, installation, and update management. Versions of TÜBİTAK BİLGEM Pardus Software Center prior to 1.0.3 contained a path traversal vulnerability...
CVE-2025-13982
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Login Time Restriction allows Cross Site Request Forgery. This issue affects Login Time Restriction: from 0.0.0 before 1.0.3...
CVE-2025-13982 Login Time Restriction - Moderately critical - Cross-Site Request Forgery - SA-CONTRIB-2025-120
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Login Time Restriction allows Cross Site Request Forgery. This issue affects Login Time Restriction: from 0.0.0 before 1.0.3...
EUVD-2025-206439
Cross-Site Request Forgery (CSRF) vulnerability in Drupal Login Time Restriction allows Cross Site Request Forgery. This issue affects Login Time Restriction: from 0.0.0 before 1.0.3...
CVE-2025-13982
CVE-2025-13982 describes a CSRF vulnerability in the Drupal Login Time Restriction module. Affected are versions prior to 1.0.3, where the module does not sufficiently protect its confirmation/logout routes from CSRF. Impact: an attacker could perform actions on behalf of authenticated users. Rem...
PT-2026-5201
Name of the Vulnerable Software and Affected Versions: Drupal Login Time Restriction versions prior to 1.0.3 Description: A Cross-Site Request Forgery (CSRF) issue exists in the Login Time Restriction module. This allows attackers to perform actions on behalf of authenticated users without their...
CVE-2025-62079
Missing Authorization vulnerability in Damian WP Export Categories & Taxonomies wp-export-categories-taxonomies allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Export Categories & Taxonomies: from n/a through = 1.0.3...
CVE-2014-125128
'sanitize-html' prior to version 1.0.3 is vulnerable to Cross-site Scripting (XSS). The function 'naughtyHref' doesn't properly validate the hyperreference (href) attribute in anchor tags, allowing bypasses that contain different casings, whitespace characters, or hexadecimal encodings...
CVE-2025-3773
A sensitive information exposure vulnerability in System Information Reporter (SIR) 1.0.3 and prior allows an authenticated non-admin local user to extract sensitive information stored in a registry backup folder...
Drupal CKEditor5 Youtube Security Vulnerability
Drupal CKEditor5 Youtube is a video integration plugin for the Drupal community. A security vulnerability exists in Drupal CKEditor5 Youtube versions prior to 1.0.3, which stems from improper input neutralization and could lead to cross-site scripting attacks...
rfc3161-client Data Forgery Vulnerability
rfc3161-client is open source software from Trail of Bits. A data forgery vulnerability exists in rfc3161-client versions prior to 1.0.3, which stems from a flaw in the timestamp response signature validation logic that could lead to insufficient signature validation...
Drupal Commerce Alphabank Redirect Security Vulnerability
Drupal Commerce Alphabank Redirect is a redirect banking tool for the Drupal community. A security vulnerability exists in Drupal Commerce Alphabank Redirect versions prior to 1.0.3 that stems from improper authorization and could lead to feature abuse...
Backdrop CMS Cross-Site Scripting Vulnerability
Backdrop CMS is an open source content management system (CMS). A cross-site scripting vulnerability exists in Backdrop CMS versions prior to 1.x-1.0.3, which stems from insufficient sanitization of certain class names and could lead to cross-site scripting attacks...
Drupal Security Vulnerability
Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal Commerce View Receipt prior to version 1.0.3, which stems from an authorization error...
PT-2024-17296 · WordPress · Koalendar – Events & Appointments Booking Calendar
Name of the Vulnerable Software and Affected Versions: Koalendar – Events & Appointments Booking Calendar plugin for WordPress versions prior to 1.0.3 Description: The issue is related to Stored Cross-Site Scripting via the height parameter due to insufficient input sanitization and output...