647 matches found
WordPress Simple Ajax Chat <20220116 - Sensitive Information Disclosure vulnerability
WordPress Simple Ajax Chat before 20220216 is vulnerable to sensitive information disclosure. The plugin does not properly restrict access to the exported data via the sac-export.csv file, which could allow unauthenticated users to access it. id: CVE-2022-27849 info: name: WordPress Simple Ajax...
Prismatic < 2.8 - Cross-Site Scripting
The plugin does not escape the 'tab' GET parameter before outputting it back in an attribute, leading to a reflected Cross-Site Scripting issue which will be executed in the context of a logged in administrator id: CVE-2021-24409 info: name: Prismatic 2.8 - Cross-Site Scripting author: Harsh...
PT-2026-31239
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Creatives Planet Emphires emphires allows PHP Local File Inclusion.This issue affects Emphires: from n/a through = 3.9...
CVE-2026-5471
A vulnerability was detected in Investory Toy Planet Trouble App up to 1.5.5 on Android. Impacted is an unknown function of the file assets/google-services-desktop.json of the component app.investory.toyfactory. The manipulation of the argument currentkey results in use of hard-coded cryptographi...
EUVD-2026-18799
A vulnerability was detected in Investory Toy Planet Trouble App up to 1.5.5 on Android. Impacted is an unknown function of the file assets/google-services-desktop.json of the component app.investory.toyfactory. The manipulation of the argument currentkey results in use of hard-coded cryptographi...
CVE-2026-5471
A vulnerability was detected in Investory Toy Planet Trouble App up to 1.5.5 on Android. Impacted is an unknown function of the file assets/google-services-desktop.json of the component app.investory.toyfactory. The manipulation of the argument currentkey results in use of hard-coded cryptographi...
CVE-2026-5471 Investory Toy Planet Trouble App app.investory.toyfactory google-services-desktop.json hard-coded key
A vulnerability was detected in Investory Toy Planet Trouble App up to 1.5.5 on Android. Impacted is an unknown function of the file assets/google-services-desktop.json of the component app.investory.toyfactory. The manipulation of the argument currentkey results in use of hard-coded cryptographi...
CVE-2026-5471 Investory Toy Planet Trouble App app.investory.toyfactory google-services-desktop.json hard-coded key
A vulnerability was detected in Investory Toy Planet Trouble App up to 1.5.5 on Android. Impacted is an unknown function of the file assets/google-services-desktop.json of the component app.investory.toyfactory. The manipulation of the argument currentkey results in use of hard-coded cryptographi...
Investory Toy Planet Trouble App 安全漏洞
Investory Toy Planet Trouble App is an educational adventure game app developed by Investory. Versions of Investory Toy Planet Trouble App prior to 1.5.5 contained a security vulnerability, which was caused by the use of a hardcoded encryption key for the parameter currentkey...
PT-2026-30194
A vulnerability was detected in Investory Toy Planet Trouble App up to 1.5.5 on Android. Impacted is an unknown function of the file assets/google-services-desktop.json of the component app.investory.toyfactory. The manipulation of the argument current key results in use of hard-coded cryptograph...
CVE-2026-32392
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativesPlanet Greenly greenly allows PHP Local File Inclusion.This issue affects Greenly: from n/a through = 8.1...
PT-2026-25238
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Creatives Planet Greenly greenly allows PHP Local File Inclusion.This issue affects Greenly: from n/a through = 8.1...
CVE-2026-3697
A vulnerability was determined in Planet ICG-2510 1.020250811. The impacted element is the function sub40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. Executing a manipulation of the argument Language can lead to stack-based buffer overflow. The attack...
EUVD-2026-10204
A vulnerability was determined in Planet ICG-2510 1.020250811. The impacted element is the function sub40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. Executing a manipulation of the argument Language can lead to stack-based buffer overflow. The attack...
CVE-2026-3697
A vulnerability was determined in Planet ICG-2510 1.020250811. The impacted element is the function sub40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. Executing a manipulation of the argument Language can lead to stack-based buffer overflow. The attack...
CVE-2026-3697
Planet ICG-2510 1.0_20250811 is affected by CVE-2026-3697. The vulnerable element is function sub_40C8E4 in /usr/sbin/httpd within the Language Package Configuration Handler. A manipulation of the Language argument can cause a stack-based buffer overflow, with the attack described as remotely exe...
CVE-2026-3697 Planet ICG-2510 Language Package Configuration httpd sub_40C8E4 stack-based overflow
A vulnerability was determined in Planet ICG-2510 1.020250811. The impacted element is the function sub40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. Executing a manipulation of the argument Language can lead to stack-based buffer overflow. The attack...
CVE-2026-3697 Planet ICG-2510 Language Package Configuration httpd sub_40C8E4 stack-based overflow
A vulnerability was determined in Planet ICG-2510 1.020250811. The impacted element is the function sub40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. Executing a manipulation of the argument Language can lead to stack-based buffer overflow. The attack...
CVE-2026-3697
A vulnerability was determined in Planet ICG-2510 1.020250811. The impacted element is the function sub40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. Executing a manipulation of the argument Language can lead to stack-based buffer overflow. The attack...
PT-2026-23907
A vulnerability was determined in Planet ICG-2510 1.0 20250811. The impacted element is the function sub 40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. Executing a manipulation of the argument Language can lead to stack-based buffer overflow. The attac...