19 matches found
CVE-2026-48778 Notepad++: Arbitrary Code Execution via config.xml commandLineInterpreter
Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the tag in config.xml is read by NppXml::value Parameters.cpp:6430 and stored in nppGUI.commandLineInterpreter without any validation, whitelist, or digital signature check. When the user triggers IDMFILEOPENCMD File → Open...
EUVD-2025-204087
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in 8theme XStore xstore allows PHP Local File Inclusion.This issue affects XStore: from n/a through 9.6.1...
CVE-2025-64191
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore xstore allows Reflected XSS.This issue affects XStore: from n/a through 9.6.1...
CVE-2025-64193 WordPress XStore theme < 9.6.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in 8theme XStore xstore allows PHP Local File Inclusion.This issue affects XStore: from n/a through 9.6.1...
CVE-2025-64191 WordPress XStore theme < 9.6.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore xstore allows Reflected XSS.This issue affects XStore: from n/a through 9.6.1...
SLiMS 9 Bulian 安全漏洞
SLiMS 9 Bulian is a free and open source software from the SLiMS community in Indonesia. It is used for library resource management e.g. books, journals, digital files and other library materials and administration. A security vulnerability exists in SLiMS 9 Bulian version 9.6.1, which originates...
SLiMS 9 Bulian 安全漏洞
SLiMS 9 Bulian is a free and open source software from the SLiMS community in Indonesia. It is used for library resource management e.g. books, journals, digital files and other library materials and administration. A security vulnerability exists in SLiMS 9 Bulian version 9.6.1, which originates...
SLiMS 9 Bulian 安全漏洞
SLiMS 9 Bulian is a free and open source software from the SLiMS community in Indonesia. It is used for library resource management e.g. books, journals, digital files and other library materials and administration. A security vulnerability exists in SLiMS 9 Bulian version 9.6.1, which stems from...
PT-2024-26924 · Mattermost · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost versions 8.1.x through 8.1.12 Mattermost versions 9.5.x through 9.5.3 Mattermost versions 9.6.x through 9.6.1 Description: The issue is related to a failure in enforcing proper access controls, allowing users to view arbitrary post...
PT-2024-35417 · Mattermost · Mattermost
Name of the Vulnerable Software and Affected Versions: Mattermost versions 8.1.x through 8.1.12 Mattermost versions 9.5.x through 9.5.3 Mattermost versions 9.6.x through 9.6.1 Description: The issue is related to the "custom playbooks playbook run updated" webhook event, where guests on a channel...
PT-2024-20862 · Slims · Slims
Name of the Vulnerable Software and Affected Versions: SLIMS Senayan Library Management Systems 9 Bulian version 9.6.1 Description: The issue is related to SQL Injection via the pop-scope-vocabolary.php file. This allows for potential exploitation. No information is provided about the estimated...
SLiMS 9 Bulian Security Vulnerability
SLiMS 9 Bulian is a free and open source software from the SLiMS community in Indonesia. It is used for library resource management e.g. books, journals, digital files and other library materials and administration. A security vulnerability exists in SLiMS 9 Bulian version v.9.6.1, which stems fr...
GHSA-6278-2Q4M-CMF3 ZK Framework vulnerable to malicious POST
ZK Framework version 9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader...
VulnCheck KEV: CVE-2021-36888
Unauthenticated Arbitrary Options Update vulnerability leading to full website compromise discovered in Image Hover Effects Ultimate versions = 9.6.1 WordPress plugin...
Yellowfin Business Intelligence Yellowfin 跨站脚本漏洞
Yellowfin is a business intelligence automated analytics, cross-vendor narrative and collaboration software suite. A stored cross-site scripting vulnerability exists in the video embedding feature in Yellowfin versions prior to 9.6.1. An attacker can exploit this vulnerability by sending a...
PT-2021-21267 · Yellowfin · Yellowfin
Name of the Vulnerable Software and Affected Versions: Yellowfin versions prior to 9.6.1 Description: The issue allows enumeration and download of uploaded images through an Insecure Direct Object Reference vulnerability. This can be exploited by sending a specially crafted HTTP GET request to th...
CVE-2017-3102
Adobe Connect versions 9.6.1 and earlier have a reflected cross-site scripting vulnerability. Successful exploitation could lead to a reflected cross-site scripting attack...
Adobe Connect Clickjacking Vulnerability
Adobe Connect for Windows formerly known as Macromedia Breeze is the United States of America Odobie Adobe company's set of Windows-based enterprise-class network communication solutions. The program provides web conferencing, e-learning and webinar features. A clickjacking vulnerability exists i...
PT-2017-17652 · Riverbed · Riverbed Rios
Name of the Vulnerable Software and Affected Versions: Riverbed RiOS versions prior to 9.6.1 Description: The issue is related to a weak default password for the secure vault in Riverbed RiOS, which can be exploited by physically proximate attackers who have knowledge of the password algorithm an...