6 matches found
CVE-2025-57810
jsPDF is a library to generate PDFs in JavaScript. Prior to 3.0.2, user control of the first argument of the addImage method results in CPU utilization and denial of service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful PNG...
Keystone 注入漏洞
Keystone is a powerful CMS designed to help you build and scale faster than any other Cms or application framework. A security vulnerability exists in Keystone versions prior to 3.0.2, which stems from the possibility of being inlined to user code if security-sensitive functionality is triggered...
PT-2022-21895 · WordPress · Easy Digital Downloads
Name of the Vulnerable Software and Affected Versions: Easy Digital Downloads plugin versions prior to 3.0.2 Description: A PHP Object Injection issue affects the Easy Digital Downloads plugin at WordPress. Recommendations: For versions prior to 3.0.2, update to version 3.0.2 or later to resolve...
CVE-2020-10603
WebAccess/NMS versions prior to 3.0.2 does not properly sanitize user input and may allow an attacker to inject system commands remotely...
CVE-2020-10629
WebAccess/NMS versions prior to 3.0.2 does not sanitize XML input. Specially crafted XML input could allow an attacker to read sensitive files...
Advantech WebAccess/NMS Path Traversal Vulnerability (CNVD-2020-22313)
Advantech WebAccess/NMS is a web browser based software suite for Network Management Systems NMS. A path traversal vulnerability exists in Advantech WebAccess/NMS versions prior to 3.0.2, which can be exploited by an attacker with a specially crafted URL to delete files beyond the control of the...