1833 matches found
PT-2026-30198
Name of the Vulnerable Software and Affected Versions mlflow/mlflow affected versions not specified Description The FastAPI job endpoints under /ajax-api/3.0/jobs/ in mlflow/mlflow are not protected by authentication or authorization when the basic-auth app is enabled. If job execution is enabled...
OpenPrinting CUPS 输入验证错误漏洞
OpenPrinting CUPS is an open-source printing system developed by OpenPrinting Corporation, suitable for Linux® and other Unix®-based operating systems. Versions of OpenPrinting CUPS prior to 2.4.16 contained a vulnerability related to input validation. This vulnerability occurred in network-expos...
Directory Traversal
Overview Affected versions of this package are vulnerable to Directory Traversal via the IO::FS::WRITE function. An attacker can write arbitrary files to unintended locations on the filesystem with attacker-controlled content by supplying crafted filenames containing traversal sequences, which ar...
PT-2026-30238
Name of the Vulnerable Software and Affected Versions CUPS versions 2.4.16 and prior Description A flaw exists in the CUPS printing system's cupsd daemon due to insufficient input validation when processing the textWithoutLanguage parameter. Successful exploitation allows a remote attacker to...
PT-2026-29811
Summary A path traversal vulnerability in Ferret's IO::FS::WRITE standard library function allows a malicious website to write arbitrary files to the filesystem of the machine running Ferret. When an operator scrapes a website that returns filenames containing ../ sequences, and uses those...
CVE-2026-23806
Missing Authorization vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Jobs for WordPress: from n/a through = 2.8...
EUVD-2026-15542
Missing Authorization vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Jobs for WordPress: from n/a through = 2.8...
CVE-2026-23806
Missing Authorization vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Jobs for WordPress: from n/a through = 2.8...
CVE-2026-23806 WordPress Jobs for WordPress plugin <= 2.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Jobs for WordPress: from n/a through = 2.8...
CVE-2026-23806
CVE-2026-23806 corresponds to a Missing Authorization / Broken Access Control vulnerability in the WordPress plugin Jobs for WordPress, affecting versions through 2.8. The issue arises from incorrectly configured access control security levels, potentially enabling unauthorized access or actions ...
CVE-2026-23806 WordPress Jobs for WordPress plugin <= 2.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in BlueGlass Interactive AG Jobs for WordPress job-postings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Jobs for WordPress: from n/a through = 2.8...
EUVD-2019-20013
Zeeways Jobsite CMS contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'id' GET parameter. Attackers can send crafted requests to newsdetails.php, jobsdetails.php, or jobcmpdetails.php with malicious 'id'...
CVE-2019-25636
Zeeways Jobsite CMS contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'id' GET parameter. Attackers can send crafted requests to newsdetails.php, jobsdetails.php, or jobcmpdetails.php with malicious 'id'...
CVE-2019-25636
Zeeways Jobsite CMS contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'id' GET parameter. Attackers can send crafted requests to newsdetails.php, jobsdetails.php, or jobcmpdetails.php with malicious 'id'...
CVE-2019-25636 Zeeways Jobsite CMS Lastest SQL Injection via id Parameter
Zeeways Jobsite CMS contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'id' GET parameter. Attackers can send crafted requests to newsdetails.php, jobsdetails.php, or jobcmpdetails.php with malicious 'id'...
CVE-2019-25636 Zeeways Jobsite CMS Lastest SQL Injection via id Parameter
Zeeways Jobsite CMS contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'id' GET parameter. Attackers can send crafted requests to newsdetails.php, jobsdetails.php, or jobcmpdetails.php with malicious 'id'...
CVE-2019-25636
Zeeways Jobsite CMS (CVE-2019-25636) contains an SQL injection vulnerability in the id parameter of the news_details.php, jobs_details.php, and job_cmp_details.php endpoints. The flaw allows unauthenticated attackers to manipulate database queries by injecting SQL code (including GROUP BY and CAS...
Wallos 代码问题漏洞
Wallos is an open-source personal subscription tracker developed by Miguel Ribeiro. Versions of Wallos prior to 4.7.0 had code vulnerabilities. These vulnerabilities stemmed from incomplete SSRF protections, and the save endpoint did not apply the validatewebhookurlforssrf protection. This allowe...
PT-2026-27370
Zeeways Jobsite CMS contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'id' GET parameter. Attackers can send crafted requests to news details.php, jobs details.php, or job cmp details.php with malicious...
How to Safely Perform Snapshot Rollback of Veeam Backup for Microsoft 365
Purpose This article provides step-by-step guidance for performing a snapshot rollback of a Veeam Backup for Microsoft 365 deployment in the event of a disaster. Critical Warning Rolling back to a snapshot is a complex and highly risky process that should only be performed in rare disaster...