49 matches found
CVE-2026-23386
In the Linux kernel, the following vulnerability has been resolved: gve: fix incorrect buffer cleanup in gvetxcleanpendingpackets for QPL In DQ-QPL mode, gvetxcleanpendingpackets incorrectly uses the RDA buffer cleanup path. It iterates numbufs times and attempts to unmap entries in the dma array...
EUVD-2025-205494
A vulnerability was detected in JeecgBoot up to 3.9.0. This issue affects the function queryPageList of the file /sys/sysDepartRole/list. The manipulation of the argument deptId results in improper authorization. The attack can be executed remotely. A high complexity level is associated with this...
EUVD-2019-5370
Malware in sbrugna...
EUVD-2025-25749
Malicious code in bioql PyPI...
EUVD-2024-42418
Malicious code in bioql PyPI...
EUVD-2025-30609
Malicious code in bioql PyPI...
CVE-2025-58030
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webvitaly Page-list page-list allows Stored XSS.This issue affects Page-list: from n/a through = 5.8...
CVE-2025-58030
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webvitaly Page-list page-list allows Stored XSS.This issue affects Page-list: from n/a through = 5.8...
WordPress Page-list Plugin <= 5.8 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by zaim in WordPress Plugin Page-list versions = 5.8...
CVE-2025-58030 WordPress Page-list Plugin <= 5.8 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webvitaly Page-list page-list allows Stored XSS.This issue affects Page-list: from n/a through = 5.8...
CVE-2025-58030
The CVE-2025-58030 entry concerns a Stored XSS in the WordPress Page-list plugin (v5.7 and earlier). Root cause: improper neutralization of input during web page generation. Affected: Page-list. Status in the provided docs: patch status Unpatched; CVSS v3.1 base score 6.5 (AV:N/AC:L/PR:L/UI:R/S:C...
CVE-2025-58030 WordPress Page-list Plugin <= 5.8 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webvitaly Page-list page-list allows Stored XSS.This issue affects Page-list: from n/a through = 5.8...
WordPress plugin Page-list 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-38879
Name of the Vulnerable Software and Affected Versions webvitaly Page-list versions through 5.7 Description A flaw exists in webvitaly Page-list that allows for Stored Cross-site Scripting XSS. This occurs due to improper neutralization of input during web page generation. The issue allows an...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection via the SelectPageList function in the LoginInforService.go file when handling the isAsc argument. An attacker can execute unauthorized SQL commands by supplying crafted input remotely. Remediation There is no fixed versio...
CVE-2025-9411
A security vulnerability has been detected in lostvip-com ruoyi-go up to 2.1. The impacted element is the function SelectPageList of the file modules/system/service/LoginInforService.go. The manipulation of the argument isAsc leads to sql injection. The attack can be initiated remotely. The explo...
CVE-2025-9411
CVE-2025-9411 affects lostvip-com ruoyi-go up to version 2.1. The vulnerability is in the SelectPageList function of modules/system/service/LoginInforService.go, where manipulation of the isAsc argument enables SQL injection. Exploitation is remote and has been publicly disclosed; multiple source...
PT-2025-34687 · Lostvip Com · Ruoyi-Go
Name of the Vulnerable Software and Affected Versions: lostvip-com ruoyi-go versions up to 2.1 Description: A security issue exists in the SelectPageList function within the modules/system/service/LoginInforService.go file. Manipulation of the isAsc argument can lead to SQL injection. This issue ...
CVE-2025-8701
A vulnerability was found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /OLOprationLog/GetPageList. The manipulation of the argument optUser leads to sql injection. The attack may ...
Wanzhou WOES Intelligent Optimization Energy Saving System 注入漏洞
Wanzhou WOES Intelligent Optimization Energy Saving System is an Intelligent Optimization Energy Saving System from the Chinese company Wanzhou. An injection vulnerability exists in version 1.0 of the Wanzhou WOES Intelligent Optimization Energy Saving System, which originates from SQL injection...