Access Control Bypass

Overview Affected versions of this package are vulnerable to Access Control Bypass due to the misconfiguration in the fromNodes and toNodes fields. By exploiting the label mismatches, an attacker can bypass network policies and access unauthorized network endpoints. Note: This is only exploitable...

CVE-2025-30163 Node based network policies may incorrectly allow workload traffic

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Node based network policies fromNodes and toNodes will incorrectly permit traffic to/from non-node endpoints that share the labels specified in fromNodes and toNodes sections of network policies. Node based...

How Counterfeiters Use Technology to Fake Product Labels (and Strategies to Combat Fraud)

Counterfeit products are a growing problem in today’s market. With advancements in technology, counterfeiters have become more skilled…...

CVE-2025-23903

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in woofx Local Shipping Labels for WooCommerce local-shipping-labels-for-woocommerce allows Reflected XSS.This issue affects Local Shipping Labels for WooCommerce: from n/a through = 1.0.0...

CVE-2025-23903

CVE-2025-23903 is a reflected cross-site scripting (XSS) vulnerability in the WordPress plugin Local Shipping Labels for WooCommerce (NotFound) affecting versions up to and including 1.0.0. The issue arises from improper input neutralization during web page generation, enabling Reflected XSS. CVS...

CVE-2025-23903 WordPress Local Shipping Labels for WooCommerce Plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in woofx Local Shipping Labels for WooCommerce local-shipping-labels-for-woocommerce allows Reflected XSS.This issue affects Local Shipping Labels for WooCommerce: from n/a through = 1.0.0...

CVE-2025-23903 WordPress Local Shipping Labels for WooCommerce Plugin <= 1.0.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in woofx Local Shipping Labels for WooCommerce local-shipping-labels-for-woocommerce allows Reflected XSS.This issue affects Local Shipping Labels for WooCommerce: from n/a through = 1.0.0...

WordPress plugin Local Shipping Labels for WooCommerce 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

CVE-2023-51336

PHPJabbers Meeting Room Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV...

CVE-2023-51333

PHPJabbers Cinema Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file...

CVE-2023-51324

PHPJabbers Shared Asset Booking System v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV...

CVE-2023-51320

PHPJabbers Night Club Booking Software v1.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV...

CVE-2023-51319

PHPJabbers Bus Reservation System v1.1 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file...

CVE-2023-51311

PHPJabbers Car Park Booking System v3.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file...

CVE-2023-51313

PHPJabbers Restaurant Booking System v3.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV fi...

PT-2025-7296 · Phpjabbers · Phpjabbers Restaurant Booking System

Name of the Vulnerable Software and Affected Versions: PHPJabbers Restaurant Booking System version 3.0 Description: The issue is related to a CSV Injection vulnerability that allows an attacker to execute remote code. This vulnerability exists due to insufficient input validation on the Language...

PT-2025-7311 · Phpjabbers · Phpjabbers Cleaning Business

Name of the Vulnerable Software and Affected Versions: PHPJabbers Cleaning Business Software version 1.0 Description: The issue exists due to insufficient input validation on the Languages section Labels any parameters field in System Options that is used to construct a CSV file, allowing an...

PT-2025-7316 · Phpjabbers · Phpjabbers Meeting Room Booking System

Name of the Vulnerable Software and Affected Versions: PHPJabbers Meeting Room Booking System version 1.0 Description: The issue is related to a CSV Injection vulnerability that allows an attacker to execute remote code. This vulnerability exists due to insufficient input validation on the...

CVE-2023-51302

PHPJabbers Hotel Booking System v4.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file...

CVE-2023-51298

PHPJabbers Event Booking Calendar v4.0 is vulnerable to CSV Injection vulnerability which allows an attacker to execute remote code. The vulnerability exists due to insufficient input validation on Languages section Labels any parameters field in System Options that is used to construct CSV file...