CVE-2025-34319

TOTOLINK N300RT wireless router firmware versions prior to V3.4.0-B20250430 discovered in V2.1.8-B20201030.1539 contain an OS command injection vulnerability in the Boa formWsc handling functionality. An unauthenticated attacker can send specially crafted requests to trigger command execution via...

WordPress WP Staging < 3.4.0 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin WP STAGING – Backup Duplicator & Migration versions 3.4.0...

CVE-2022-36220

Kiosk breakout without quit password in Safe Exam Browser Windows 3.4.0, which allows an attacker to achieve code execution via the browsers' print dialog...

bootstrap: XSS in the data-target attribute

In Bootstrap 3.x before 3.4.0 and 4.x-beta before 4.0.0-beta.2, XSS is possible in the data-target attribute, a different vulnerability than CVE-2018-14041...

katello-debug Arbitrary File Overwrite Vulnerability

Katello is a system management engine that provides workflows for configuration management, subscription management and content management. katello-debug is one of the debuggers. An arbitrary file overwrite vulnerability exists in versions prior to katello-debug 3.4.0, which stems from the use of...