4 matches found
CVE-2026-42221
Nginx UI is a web user interface for the Nginx web server. From version 2.0.0 to before version 2.3.8, an unauthenticated network attacker can claim the initial administrator account on a fresh nginx-ui instance during the first-run setup window. The public /api/install endpoint is reachable...
EUVD-2025-26221
Malicious code in bioql PyPI...
CVE-2025-55579
SolidInvoice version 2.3.7 is vulnerable to a Stored Cross-Site Scripting XSS issue in the Tax Rates functionality. The vulnerability is fixed in version 2.3.8...
PT-2025-35248
Name of the Vulnerable Software and Affected Versions: SolidInvoice versions prior to 2.3.8 Description: SolidInvoice is susceptible to a Cross Site Scripting XSS issue within the Tax Rate functionality. Recommendations: Update to version 2.3.8 or later...