1285 matches found

RedhatCVE
added 2025/11/25 12:17 a.m. | 13 views

CVE-2025-56401

ZIRA Group WBRM 7.0 is vulnerable to SQL Injection in referenceLookupsByTableNameAndColumnName...

CVSS 7.6 | AI score 8 | EPSS 0.00054
Exploits 1 | References 1
EUVD
added 2025/11/24 6:31 p.m. | 3 views

EUVD-2025-198805

ZIRA Group WBRM 7.0 is vulnerable to SQL Injection in referenceLookupsByTableNameAndColumnName...

CVSS 7.6 | AI score 7.5 | EPSS 0.00054
Exploits 1 | References 3
OSV
added 2025/11/24 4:15 p.m. | 2 views

CVE-2025-56401

ZIRA Group WBRM 7.0 is vulnerable to SQL Injection in referenceLookupsByTableNameAndColumnName...

CVSS 7.6 | AI score 5.8 | EPSS 0.00054
Exploits 1 | References 2
Vulnrichment
added 2025/11/24 12:0 a.m. | 2 views

CVE-2025-56401

ZIRA Group WBRM 7.0 is vulnerable to SQL Injection in referenceLookupsByTableNameAndColumnName...

AI score 7.6 | EPSS 0.00054
Exploits 1 | References 2
Positive Technologies
added 2025/11/24 12:0 a.m. | 3 views

PT-2025-47926

Name of the Vulnerable Software and Affected Versions: ZIRA Group WBRM version 7.0. Description: ZIRA Group WBRM version 7.0 is susceptible to a SQL Injection issue occurring in the referenceLookupsByTableNameAndColumnName function. The issue allows for potential manipulation of database queries...

CVSS 7.6 | AI score 7.2 | EPSS 0.00054
Exploits 1 | References 8
CVE
added 2025/11/24 12:0 a.m. | 7 views

CVE-2025-56401

Summary: CVE-2025-56401 affects ZIRA Group WBRM 7.0 with a SQL Injection vulnerability in the function referenceLookupsByTableNameAndColumnName. This is supported by Red Hat, EUVD/ENISA, NVD/CNNVD/CVELIST and other feeds, which consistently describe a SQL injection condition in that function. Imp...

CVSS 7.6 | AI score 7.6 | EPSS 0.00054
Exploits 1 | References 2 | Affected Software 1
RedhatCVE
added 2025/11/22 8:35 a.m. | 3 views

CVE-2025-11763

The Display Pages Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'columncount' parameter in the display-pages shortcode in all versions up to, and including, 1.1. This is due to insufficient input sanitization and output escaping. This makes it possible for...

CVSS 6.4 | AI score 5.1 | EPSS 0.00031
Exploits 0 | References 1
NVD
added 2025/11/21 8:15 a.m. | 1 views

CVE-2025-11763

The Display Pages Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'columncount' parameter in the display-pages shortcode in all versions up to, and including, 1.1. This is due to insufficient input sanitization and output escaping. This makes it possible for...

CVSS 6.4 | EPSS 0.00031
Exploits 0 | References 3
EUVD
added 2025/11/21 7:31 a.m. | 2 views

EUVD-2025-198418

The Display Pages Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'columncount' parameter in the display-pages shortcode in all versions up to, and including, 1.1. This is due to insufficient input sanitization and output escaping. This makes it possible for...

CVSS 6.4 | AI score 4.7 | EPSS 0.00031
Exploits 0 | References 4
Vulnrichment
added 2025/11/21 7:31 a.m. | 1 views

CVE-2025-11763 Display Pages Shortcode <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Display Pages Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'columncount' parameter in the display-pages shortcode in all versions up to, and including, 1.1. This is due to insufficient input sanitization and output escaping. This makes it possible for...

CVSS 6.4 | AI score 4.8 | EPSS 0.00031
Exploits 0 | References 3
Cvelist
added 2025/11/21 7:31 a.m. | 3 views

CVE-2025-11763 Display Pages Shortcode <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Display Pages Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'columncount' parameter in the display-pages shortcode in all versions up to, and including, 1.1. This is due to insufficient input sanitization and output escaping. This makes it possible for...

CVSS 6.4 | EPSS 0.00031
Exploits 0 | References 3
CVE
added 2025/11/21 7:31 a.m. | 13 views

CVE-2025-11763

The WordPress plugin Display Pages Shortcode is vulnerable to Stored XSS through the column_count parameter in the [display-pages] shortcode (versions ≤ 1.1). The flaw arises from insufficient input filtering and output escaping, enabling authenticated attackers with Contributor+ access to inject...

CVSS 6.4 | AI score 4.8 | EPSS 0.00031
Exploits 0 | References 3
Positive Technologies
added 2025/11/21 12:0 a.m. | 2 views

PT-2025-47675

The Display Pages Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'column count' parameter in the display-pages shortcode in all versions up to, and including, 1.1. This is due to insufficient input sanitization and output escaping. This makes it possible for...

CVSS 6.4 | AI score 5.1 | EPSS 0.00031
Exploits 0 | References 4
Tenable Nessus
added 2025/11/13 12:0 a.m. | 2 views

Siemens SIMATIC S7-1500 NULL Pointer Dereference (CVE-2020-9327)

In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL...

CVSS 7.5 | AI score 6.9 | EPSS 0.00951
Exploits 0 | References 6
RedHat Linux
added 2025/11/11 2:6 p.m. | 6 views

sqlite: Integer Truncation in SQLite

A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior...

CVSS 9.8 | AI score 7.2 | EPSS 0.01629
Exploits 3 | References 6
Microsoft KB
added 2025/11/11 8:0 a.m. | 14 views

KB5068402 - Description of the security update for SQL Server 2017 CU31: November 11, 2025

KB5068402 - Description of the security update for SQL Server 2017 CU31: November 11, 2025 Summary Improvements and fixes included in this update How to obtain and install the update More information File information Information about protection and security Summary This security update contains...

CVSS 8.8 | AI score 5.8 | EPSS 0.00145
Exploits 0
Microsoft KB
added 2025/11/11 8:0 a.m. | 11 views

KB5068404 - Description of the security update for SQL Server 2019 CU32: November 11, 2025

KB5068404 - Description of the security update for SQL Server 2019 CU32: November 11, 2025 Summary Improvements and fixes included in this update How to obtain and install the update How to obtain or download the latest cumulative update package for Linux More information File information...

CVSS 8.8 | AI score 5.8 | EPSS 0.00145
Exploits 0
Vulnrichment
added 2025/11/05 9:27 a.m. | 2 views

CVE-2025-11820 Graphina – Elementor Charts and Graphs <= 3.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Chart Widgets

The Graphina – Elementor Charts and Graphs plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple chart widgets in all versions up to, and including, 3.1.8 due to insufficient input sanitization and output escaping on data attributes. This makes it possible for authenticat...

CVSS 6.4 | AI score 4.8 | EPSS 0.0005
Exploits 0 | References 6
Cvelist
added 2025/11/04 9:31 p.m. | 7 views

CVE-2025-62520 MantisBT unauthorized disclosure of private project column configuration

Mantis Bug Tracker MantisBT is an open source issue tracker. In versions 2.27.1 and below, due to insufficient access-level checks, any non-admin user with access to manageconfigcolumnspage.php can use the Copy From action to retrieve the columns configuration from a private project they have no...

CVSS 5.3 | EPSS 0.00043
Exploits 1 | References 3
OSV
added 2025/11/04 9:31 p.m. | 4 views

CVE-2025-62520 MantisBT unauthorized disclosure of private project column configuration

Mantis Bug Tracker MantisBT is an open source issue tracker. In versions 2.27.1 and below, due to insufficient access-level checks, any non-admin user with access to manageconfigcolumnspage.php can use the Copy From action to retrieve the columns configuration from a private project they have no...

CVSS 5.3 | AI score 6.8 | EPSS 0.00043
Exploits 1 | References 5