8 matches found
EUVD-2025-208301
Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Lendiz lendiz allows Upload a Web Shell to a Web Server.This issue affects Lendiz: from n/a through 2.0.1...
CVE-2025-68549 WordPress Wiguard theme < 2.0.1 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in zozothemes Wiguard wiguard allows Upload a Web Shell to a Web Server.This issue affects Wiguard: from n/a through 2.0.1...
PT-2025-4578 · Unknown · Prayer Times Anywhere
Name of the Vulnerable Software and Affected Versions: Prayer Times Anywhere versions prior to 2.0.1 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web...
UBUNTU-CVE-2023-43646
get-func-name is a module to retrieve a function's name securely and consistently both in NodeJS and the browser. Versions prior to 2.0.1 are subject to a regular expression denial of service redos vulnerability which may lead to a denial of service when parsing malicious input. This vulnerabilit...
json-logic-js 命令注入漏洞
json-logic-js is an application by Jeremy Wadhams personal developer. It is used to build complex rules, serialize them to JSON, and execute them in JavaScript. A command injection vulnerability exists in versions of json-logic-js prior to 2.0.1, which stems from the presence of a command injecti...
opensearch-ruby 代码问题漏洞
opensearch-ruby is an open source Ruby client for OpenSearch from opensearch-project. A code issue vulnerability exists in opensearch-ruby that stems from the use of the ruby YAML.load function instead of YAML.safeload in versions prior to 2.0.1. As a result, opensearch-ruby 2.0.0 and earlier may...
Xavier Hahn vscode-matlab 默认配置问题漏洞
Xavier Hahn vscode-matlab is an open source application by Xavier Hahn. MATLAB extension before 2.0.1 suffers from a Default Configuration Issue vulnerability that can be exploited by an attacker to execute arbitrary code via a crafted workspace...
IBM Rational Publishing Engine Cross-Site Scripting Vulnerability
IBM Rational Publishing Engine is the U.S. IBM company's set of specialized for the product development process involves documents, reports for automated generation, publishing tools. A cross-site scripting vulnerability exists in ifix002 versions of IBM Rational Publishing Engine prior to 2.0.1,...