EUVD-2026-3279

A weakness has been identified in Yonyou KSOA 9.0. Affected by this vulnerability is an unknown functionality of the file /kmf/savefolder.jsp of the component HTTP GET Parameter Handler. Executing a manipulation of the argument folderid can lead to sql injection. It is possible to launch the atta...

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress Plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...

PT-2021-20636

Name of the Vulnerable Software and Affected Versions: WordPress Real Media Library plugin versions up to and including 4.14.1 Description: The issue allows author-level attackers to inject arbitrary web scripts in folder names via the name parameter in the /inc/overrides/lite/rest/Folder.php fil...

libyal libpff 资源管理错误漏洞

libyal libpff is an open source library for accessing Personal Folder File PFF and Offline Folder File OFF formats. A security vulnerability exists in the libpffitemtreecreatenode function in versions prior to libyal libpff 20180623, which could allow an attacker to cause a denial of service DOS ...

libpff Denial of Service Vulnerability

libpff is a tool for accessing files in PFF Personal Folder File and OFF Offline Folder File formats. A security vulnerability exists in libpffitemtreecreatenode in the libpffitemtree.c file in versions prior to libpff experimental-20180714. An attacker can exploit this vulnerability to cause a...

CVE-2018-5700

Winmail Server through 6.2 allows remote code execution by authenticated users who leverage directory traversal in a netdisk.php copyfolderfile call in inc/class.ftpfolder.php to move a .php file from the FTP folder into a web folder...