Mail MCP Bridge 路径遍历漏洞

Mail MCP Bridge is a messaging analysis tool developed by Fatbobman Dongpo Zhouzi, which connects macOS email messages with AI. Versions of Mail MCP Bridge 1.3.3 and earlier have a path traversal vulnerability. This vulnerability stems from improper handling of the parameter messageids in the fil...

CVE-2026-4815

A SQL Injection vulnerability has been found in Support Board v3.7.7. This vulnerability allows an attacker to retrieve, create, update and delete database via 'calls0messageids' parameter in '/supportboard/include/ajax.php' endpoint...

WordPress WooCommerce Food - Restaurant Menu & Food ordering plugin <= 3.3.2 - Unauthenticated Arbitrary Shortcode Execution via ids vulnerability

WordPress WooCommerce Food - Restaurant Menu & Food ordering plugin = 3.3.2 - Unauthenticated Arbitrary Shortcode Execution via ids vulnerability discovered by Lucio Sá in WordPress Plugin WooCommerce Food - Restaurant Menu & Food ordering versions = 3.3.2...

PT-2024-22870 · Addactis · Addactis Ibnrs

Name of the Vulnerable Software and Affected Versions: Addactis IBNRS version 3.10.3.107 Description: The issue allows a remote attacker to execute arbitrary code via a crafted .ibnrs file to the Project Description, Identifiers, Custom Triangle Name inside Input Triangles, and Yield Curve Name...

forkcms SQL注入漏洞

forkcms is an application. A CMS. forkcms version 5.11.1 previously contained a SQL injection vulnerability that stemmed from a lack of validation of externally entered SQL statements in the ids parameter of blog comments. An attacker could use this vulnerability to execute illegal SQL commands t...

CVE-2018-19061

DedeCMS 5.7 SP2 has SQL Injection via the dede\codo.php ids parameter...