13 matches found
EUVD-2026-21881
The Product Filter for WooCommerce by WBW WordPress plugin before 3.1.3 does not sanitize and escape a parameter before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks...
Drupal SAML SSO 安全漏洞
Drupal SAML SSO is an extension for Drupal-based content management systems that provides SAML-based single-sign-on authentication functionality. Versions of Drupal SAML SSO prior to 3.1.3 contained a security vulnerability, which was caused by improper input handling and could lead to cross-site...
Linux Distros Unpatched Vulnerability : CVE-2021-22879
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource injection by way of missing validation of URLs, allowing a malicious server to execute remote...
PT-2025-7607 · Vitepos · Vitepos
Name of the Vulnerable Software and Affected Versions: Vitepos versions prior to 3.1.3 Description: The issue is related to a Missing Authorization vulnerability, which allows the exploitation of incorrectly configured access control security levels. Recommendations: For versions prior to 3.1.3,...
PT-2024-32519
Name of the Vulnerable Software and Affected Versions Templately versions prior to 3.1.3 Description The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations For versions prior to 3.1.3, update to version...
Sonic Technology Shopfloor.guide 安全漏洞
Sonic Technology Shopfloor.guide is an application from Sonic Technology, Inc. A security vulnerability exists in Sonic Technology Shopfloor.guide versions prior to 3.1.3. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands via the level2 parameter...
Jinja Cross-Site Scripting Vulnerability
Pallets Jinja is a template engine written in the Python language. A security vulnerability exists in Jinja versions prior to 3.1.3, which stems from a cross-site scripting XSS vulnerability...
DEBIAN-CVE-2021-22879
Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource injection by way of missing validation of URLs, allowing a malicious server to execute remote commands. User interaction is needed for exploitation...
PT-2019-13326 · Rencontre · Rencontre
Name of the Vulnerable Software and Affected Versions: Rencontre plugin versions prior to 3.1.3 Description: The issue allows for XSS attacks. This is due to a problem in the inc/rencontre widget.php file. Recommendations: For versions prior to 3.1.3, update to version 3.1.3 or later to resolve t...
CVE-2019-11582
An argument injection vulnerability in Atlassian Sourcetree for Windows's URI handlers, in all versions prior to 3.1.3, allows remote attackers to gain remote code execution through the use of a crafted URI...
Heap overflow
Heap-based buffer overflow in the decodeblock function in libavcodec/exr.c in FFmpeg before 3.1.3 allows remote attackers to cause a denial of service application crash via vectors involving tile positions...
DEBIAN-CVE-2016-0729
Multiple buffer overflows in 1 internal/XMLReader.cpp, 2 util/XMLURL.cpp, and 3 util/XMLUri.cpp in the XML Parser library in Apache Xerces-C before 3.1.3 allow remote attackers to cause a denial of service segmentation fault or memory corruption or possibly execute arbitrary code via a crafted...
DEBIAN-CVE-2011-3122
Unspecified vulnerability in WordPress 3.1 before 3.1.3 and 3.2 before Beta 2 has unknown impact and attack vectors related to "Media security."...