WordPress plugin ShopBuilder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress plugin WP Directory Kit SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL injectio...

Spotipy 跨站脚本漏洞

Spotipy is the spotipy-dev individual developer's lightweight Python library for the Spotify Web API. A cross-site scripting vulnerability exists in Spotipy versions prior to 2.25.2, which stems from the OAuth callback server failing to clean up incorrect parameters, which could lead to a...

Informática del Este WinPlus SQL注入漏洞

Informática del Este WinPlus is a human resource management platform from the Spanish company Informática del Este. An SQL injection vulnerability exists in Informática del Este WinPlus version v24.11.27, which stems from insufficient cleanup and escaping of the parameters val1 and cont, which...

IPFire 安全漏洞

IPFire is an open source Linux distribution from the IPFire organization, used primarily as a router and firewall. IPFire suffers from a cross-site scripting vulnerability that stems from insufficient PROT parameter cleanup and escaping, which can be exploited by an attacker to steal a victim's...

vdo.ninja 跨站脚本漏洞

vdo.ninja is a remote video input tool by Steve Seguin, an individual developer. A cross-site scripting vulnerability exists in vdo.ninja versions 28.0 through prior to 28.4, which stems from improper cleanup of the room parameter in examples/control.html, which could lead to a reflective...

MyClub 安全漏洞

MyClub is a club management software for jibux individual developers. A security vulnerability exists in MyClub version 0.5, which stems from insufficient cleanup of query parameter inputs and could lead to an SQL injection attack...

Codazon Magento Themes 安全漏洞

Codazon Magento Themes is a series of Magento platform-specific website themes and templates from Codazon. A security vulnerability exists in Codazon Magento Themes versions v1.1.0.0 through v2.4.7, which stems from insufficient cat parameter cleanup and escaping, and could lead to a reflective...

SourceForge Dogfood CRM 安全漏洞

SourceForge Dogfood CRM is a SourceForge open source information management system. A security vulnerability exists in SourceForge Dogfood CRM version 2.0.10, which stems from insufficient cleanup of the data parameter in the spell.php script, which could lead to remote command execution...

SelectZero Data Observability Platform 安全漏洞

SelectZero Data Observability Platform is a data processing platform from SelectZero Estonia. A security vulnerability exists in SelectZero Data Observability Platform versions prior to 2025.5.2, which stems from improper parameter cleanup and could lead to content spoofing or text injection...

WordPress plugin Gestion de tarifs SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A SQL injection...

WordPress FileBird SQL Injection Vulnerability

WordPress FileBird is a media library management plugin designed for WordPress to help users efficiently organize and manage their media files by providing features such as an intuitive folder system, drag-and-drop operation, search function and batch upload. WordPress FileBird suffers from a SQL...

Mitel多款产品 安全漏洞

Mitel 6800 Series and Mitel 6900 Series are both a series of phones from Mitel Canada. A security vulnerability exists in various Mitel products that stems from insufficient parameter cleanup and could lead to a command injection attack. The following products and versions are affected: Mitel 680...

WordPress plugin FileBird SQL注入漏洞

WordPress FileBird is a media library management plugin designed for WordPress to help users efficiently organize and manage their media files by providing features such as an intuitive folder system, drag-and-drop operation, search function and batch upload. WordPress FileBird suffers from a SQL...

Institute-of-Current-Students 安全漏洞

Institute-of-Current-Students is a school management website by the individual developer Vishal Mathur. A security vulnerability exists in version 1.0 of Institute-of-Current-Students, which stems from improper email parameter cleanup and could lead to reflective cross-site scripting...

Translated Lara Translate MCP Server 命令注入漏洞

Translated Lara Translate MCP Server is a Translated open source application. A command injection vulnerability exists in Translated Lara Translate MCP Server version 0.0.11 and earlier, which stems from insufficient cleanup of input parameters and could lead to a command injection attack...

Advantech iView SQL注入漏洞

Advantech iView is a Simple Network Protocol SNMP based software from Advantech, China to manage B + B SmartWorx devices. The Advantech iView suffers from an SQL injection vulnerability that originates from improper parameter cleanup in the NetworkServlet.getNextTrapPage function, which can be...

WordPress plugin Likes and Dislikes Plugin SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

WordPress plugin ProfilePro 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress plugin User Profile Builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...