6 matches found
CVE-2026-11395
The CF7 to Webhook plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.0.0 via the pullthetrigger. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be...
CVE-2025-58467
A relative path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: Qsync...
CVE-2025-30266
The CVE-2025-30266 entry describes a NULL pointer dereference in Qsync Central that could allow a remote attacker with a user account to cause a denial-of-service. Concrete details across connected sources identify Qsync Central as the affected product, with the root cause listed as a NULL pointe...
QNAP Qsync Central 安全漏洞
QNAP Qsync Central is the official private cloud synchronization service developed by QNAP for its Network Attached Storage NAS devices. QNAP Qsync Central suffers from an unrestricted resource allocation vulnerability that can be exploited by an attacker to prevent other systems, applications, o...
WordPress plugin Classified Listing 安全漏洞
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. Cross-site scripting vulnerability exists in WordPress plugin Classified Listing 5.0.0 and earlier...
CVE-2022-46421 Apache Airflow Hive Provider: Hive Provider RCE vulnerability with hive_cli_params
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Software Foundation Apache Airflow Hive Provider.This issue affects Apache Airflow Hive Provider: before 5.0.0...