15 matches found
GLPI Inventory Plugin SQL Injection Vulnerability
GLPI Inventory Plugin is an open-source plugin developed by French company GLPI. It is used to process various types of tasks for the GLPI agent. Versions of the GLPI Inventory Plugin prior to 1.6.6 contained a SQL injection vulnerability, which stems from improper handling of user input,...
CVE-2026-25590
The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Prior to 1.6.6, there is a reflected XSS vulnerability in task jobs. This vulnerability is fixed in 1.6.6...
PT-2025-54402
Server-Side Request Forgery (SSRF) vulnerability in Jthemes Genemy allows Server Side Request Forgery. This issue affects Genemy: from n/a through 1.6.6...
Fabio Security Vulnerability
Fabio is an open source application. A security vulnerability exists in Fabio versions prior to 1.6.6 that stems from allowing clients to remove X-Forwarded headers when processing hop-by-hop headers, which could lead to a security hole...
WordPress plugin Subaccounts for WooCommerce Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...
PT-2024-27809 · Nextcloud · Nextcloud Deck
Name of the Vulnerable Software and Affected Versions: Nextcloud Deck versions prior to 1.6.6; Nextcloud Deck versions prior to 1.7.5; Nextcloud Deck versions prior to 1.8.7; Nextcloud Deck versions prior to 1.9.6; Nextcloud Deck versions prior to 1.11.3; Nextcloud Deck versions prior to 1.12.1...
WordPress Plugin Enhanced Text Widget Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
PT-2023-19904 · Brainstorm Force · Brainstorm Force Schema – All In One Schema Rich Snippets
Name of the Vulnerable Software and Affected Versions: Brainstorm Force Schema – All In One Schema Rich Snippets plugin versions prior to 1.6.6. Description: The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into...
CVE-2022-2636
Improper Control of Generation of Code ('Code Injection') in GitHub repository hestiacp/hestiacp prior to 1.6.6...
hestiacp Security Vulnerability
hestiacp is a lightweight and powerful control panel for modern networks. A security vulnerability exists in hestiacp versions prior to 1.6.6 that stems from incorrect privilege assignment...
hestiacp Code Injection Vulnerability
HestiaCP is a lightweight and powerful control panel for modern networks. A code injection vulnerability exists in hestiacp versions prior to 1.6.6 that stems from incorrect input validation...
PT-2022-17811 · Hestiacp · Hestiacp
Name of the Vulnerable Software and Affected Versions: hestiacp/hestiacp versions prior to 1.6.6. Description: The issue is related to improper control of generation of code, also known as 'code injection', and improper input validation in the hestiacp/hestiacp GitHub repository. Recommendations:...
HashiCorp Vault Information Disclosure Vulnerability
HashiCorp Vault is a private key access management tool from HashiCorp, USA. An information disclosure vulnerability exists in HashiCorp Vault, which stems from a misconfiguration of the product's cache that causes the browser to incorrectly cache sensitive information about a...
PYSEC-2017-2
The user module in ansible before 1.6.6 allows remote authenticated users to execute arbitrary commands...
UBUNTU-CVE-2016-5360
HAproxy 1.6.x before 1.6.6, when a deny comes from a reqdeny rule, allows remote attackers to cause a denial of service (uninitialized memory access and crash) or possibly have unspecified other impact via unknown vectors...