PT-2026-4544

ChatterMate is a no-code AI chatbot agent framework. In versions 1.0.8 and below, the chatbot accepts and executes malicious HTML/JavaScript payloads when supplied as chat input. Specifically, an payload containing a javascript: URI can be processed and executed in the browser context. This allow...

EUVD-2025-38250

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection', CWE - 564 - SQL Injection: Hibernate vulnerability in GG Soft Software Services Inc. PaperWork allows Blind SQL Injection, SQL Injection.This issue affects PaperWork: from 6.1.0.9390 before 6.1.0.9398...

WordPress plugin HT Mega – Absolute Addons for WPBakery Page Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A cross-site scriptin...

CVE-2021-32828

The Nuxeo Platform is an open source content management platform for building business applications. In version 11.5.109, the oauth2 REST API is vulnerable to Reflected Cross-Site Scripting XSS. This XSS can be escalated to Remote Code Execution RCE by levering the automation API...

WordPress Grip theme <= 1.0.9 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by tahu.datar Patchstack Alliance in WordPress Theme Grip versions = 1.0.9...

OPENSUSE-SU-2021:0397-1 Security update for mbedtls

This update for mbedtls fixes the following issues: - mbedtls was updated to version 2.16.9 - CVE-2020-10932: Fixed side channel in ECC code that allowed an adversary with access to precise enough timing and memory access information typically an untrusted operating system attacking a secure...

CVE-2012-1094

creationtimestamp| type| source ---|---|--- 2020-03-10 19:43:11+00:00| seen| https://t.me/cibsecurity/10416...