256 matches found
CVE-2025-26933
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Nitin Prakash WC Place Order Without Payment wc-place-order-without-payment allows PHP Local File Inclusion.This issue affects WC Place Order Without Payment: from n/a through =...
CVE-2024-56051
Improper Control of Generation of Code 'Code Injection' vulnerability in VibeThemes WPLMS wplmsplugin allows Code Injection.This issue affects WPLMS: from n/a through 1.9.9.5...
CVE-2024-50498
Improper Control of Generation of Code 'Code Injection' vulnerability in Ajit Bohra WP Query Console wp-query-console allows Code Injection.This issue affects WP Query Console: from n/a through = 1.0...
CVE-2025-22204 Extension - regularlabs.com - Remote code execution vulnerability in the Sourcerer extensions < 12.0.0 for Joomla
Improper control of generation of code in the sourcerer extension for Joomla in versions before 11.0.0 lead to a remote code execution vulnerability...
The vulnerability of the kernel component of the Linux operating system, which allows a hacker to cause a service failure
The vulnerability of the kernel component of the Linux operating system is related to improper control of resource identifiers. Exploiting this vulnerability can allow an attacker to cause a service failure...
CVE-2024-13274 Open Social - Moderately critical - Denial of Service - SA-CONTRIB-2024-038
Improper Control of Interaction Frequency vulnerability in Drupal Open Social allows Functionality Misuse.This issue affects Open Social: from 0.0.0 before 12.3.8, from 12.4.0 before 12.4.5...
CVE-2024-13274
CVE-2024-13274 affects Drupal Open Social, specifically versions prior to 12.3.8 and prior to 12.4.5. The root cause is improper validation of flood control limits on the password reset form, enabling potential abuse that could lead to a Denial of Service. Public references from Drupal advisories...
CVE-2024-13274 Open Social - Moderately critical - Denial of Service - SA-CONTRIB-2024-038
Improper Control of Interaction Frequency vulnerability in Drupal Open Social allows Functionality Misuse.This issue affects Open Social: from 0.0.0 before 12.3.8, from 12.4.0 before 12.4.5...
CVE-2024-56051
Improper Control of Generation of Code 'Code Injection' vulnerability in VibeThemes WPLMS allows Code Injection.This issue affects WPLMS: from n/a before 1.9.9.5...
CVE-2024-10094
Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code...
CVE-2024-10094
Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code...
CVE-2024-10094
Pega Platform versions 6.x to Infinity 24.1.1 are affected by an issue with Improper Control of Generation of Code...
CVE-2024-50436
CVE-2024-50436 is a Local File Inclusion vulnerability in the WordPress Theme Clean Retina (Theme Horse)
CVE-2024-50498
Improper Control of Generation of Code 'Code Injection' vulnerability in LUBUS WP Query Console allows Code Injection.This issue affects WP Query Console: from n/a through 1.0...
CVE-2024-50492
Improper Control of Generation of Code 'Code Injection' vulnerability in Scott Paterson ScottCart allows Code Injection.This issue affects ScottCart: from n/a through 1.1...
PT-2024-34270 · Scottcart · Scottcart
Name of the Vulnerable Software and Affected Versions: ScottCart versions n/a through 1.1 Description: The issue is related to improper control of generation of code, also known as 'Code Injection'. This allows for code injection in ScottCart. Recommendations: For versions n/a through 1.1, consid...
Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities
Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs with an update. Vulnerability Details CVEID:CVE-2024-6345 DESCRIPTION: pypa/setuptools could allow a...
CVE-2024-49251
CVE-2024-49251 corresponds to a Local File Inclusion in the WordPress plugin Maan Addons For Elementor (
PT-2024-33392 · Sunjianle · Ajax-Extend
Name of the Vulnerable Software and Affected Versions: Sunjianle ajax-extend versions n/a through 1.0 Description: The issue is related to improper control of code generation, allowing code injection. This vulnerability exists in Sunjianle and affects the ajax-extend component. Recommendations: F...
Optigo Networks ONS-S8 - Spectra Aggregation Switch
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Optigo Networks Equipment: ONS-S8 - Spectra Aggregation Switch Vulnerabilities: Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion', Weak...