PT-2025-21428 · WordPress · Prisna Gwt Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Prisna GWT WordPress plugin versions prior to 1.4.14 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This is possible even when the unfiltered html capability is disallowed,...

Huawei HarmonyOS Permission Issues Vulnerability

Huawei HarmonyOS is an operating system from the Chinese company Huawei. Huawei HarmonyOS suffers from a privilege issue vulnerability that stems from an improper implementation of the file system module's authentication logic, which can be exploited by an attacker to steal sensitive information ...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from the Chinese company Huawei. Huawei HarmonyOS suffers from a privilege issue vulnerability that stems from an improper implementation of the file system module's authentication logic, which can be exploited by an attacker to steal sensitive information ...

IBM InfoSphere Information Server 安全漏洞

IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines IBM. The platform can be used to integrate data information obtained from various sources. An authorization issue vulnerability exists in IBM InfoSphere Information Server version 11.7 th...

NETGEAR DGN2200 Privilege Issue Vulnerability

The NETGEAR DGN2200 is a wireless router from NETGEAR. The NETGEAR DGN2200 is vulnerable to a privilege issue. An attacker can exploit the vulnerability by adding "?x=1.gif" to the requested URL to be recognized as authenticated...

TSplus Remote Access 安全漏洞

TSplus Remote Access is a software from TSplus for remote desktop access and Windows application delivery. Used to enable remote desktop and web access, it enhances remote printing. A security vulnerability exists in TSplus Remote Access version 17.30, which stems from improper privileges and lea...

Moodle 安全漏洞

Moodle is Moodle open source set of free e-learning software platform, also known as course management system, learning management system or virtual learning environment. A vulnerability exists in Moodle for privilege issues. The vulnerability stems from insufficient permission checking that allo...

JetBrains TeamCity Permission Issues Vulnerability

JetBrains TeamCity is a powerful continuous integration and continuous delivery CI/CD tool developed by JetBrains. JetBrains TeamCity suffers from a privilege issue vulnerability that originates from decrypting connection secrets without proper privileges by testing the connection endpoint. No...

Ivanti Secure Access Client Privilege Issue Vulnerability

Ivanti Secure Access Client is a security software client developed by Ivanti, Inc. to enable remote secure access, supporting enterprise-class VPN connections and encrypted access to resources. Ivanti Secure Access Client suffers from a privilege issue vulnerability that can be exploited by an...

Ivanti Secure Access Client 安全漏洞

Ivanti Secure Access Client is a security software client developed by Ivanti, Inc. to enable remote secure access, supporting enterprise-class VPN connections and encrypted access to resources. Ivanti Secure Access Client suffers from a privilege issue vulnerability that can be exploited by an...

PT-2025-2648 · Otrs · Otrs

Name of the Vulnerable Software and Affected Versions: OTRS versions 6.0.x through 8.0.x OTRS versions 2023.x through 2024.x Description: An improper privilege management issue in the OTRS Generic Interface module allows users with read-only permissions to change the ticket status. This issue may...

IBM i 访问控制错误漏洞

IBM i is a suite of operating systems from International Business Machines IBM running in IBM Power Systems and IBM PureSystems. An access control error vulnerability exists in IBM i that stems from insufficient privilege requests. The following versions are affected: version 7.2, version 7.3,...

JetBrains TeamCity 安全漏洞

JetBrains TeamCity is a powerful continuous integration and continuous delivery CI/CD tool developed by JetBrains. JetBrains TeamCity suffers from a privilege issue vulnerability that originates from decrypting connection secrets without proper privileges by testing the connection endpoint. No...

CVE-2024-9638 Category Posts Widget < 4.9.18 - Admin+ Stored XSS

The Category Posts Widget WordPress plugin before 4.9.18 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

Ivanti Desktop and Server Management Privilege Issues Vulnerability

Ivanti Desktop and Server Management Ivanti DSM is a multi-platform, unified endpoint management solution from Ivanti Corporation. Ivanti Desktop and Server Management suffers from a privilege issue vulnerability that stems from insufficient privileges. An attacker could exploit this vulnerabilit...

Ivanti Patch SDK Permission Issues Vulnerability

Ivanti Patch SDK is a security tool development kit provided by Ivanti to help organizations automate system vulnerability remediation and patch management. Ivanti Patch SDK suffers from a privilege issue vulnerability that stems from insufficient privileges. An attacker could exploit this...

Huawei HarmonyOS Permission Issues Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a privilege issue vulnerability. The vulnerability originates in the UIExtension module and can be exploited by an attacker to...

Discourse 信息泄露漏洞

Discourse is Discourse open source set of open source community discussion platform. The platform includes features such as community , e-mail and chat rooms . Discourse has an authorization issue vulnerability that stems from improper privilege management of the Filter Email List feature in the...

Huawei HarmonyOS 权限许可和访问控制问题漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a privilege issue vulnerability. The vulnerability originates in the UIExtension module and can be exploited by an attacker to...

Ivanti Desktop and Server Management 安全漏洞

Ivanti Desktop and Server Management Ivanti DSM is a multi-platform, unified endpoint management solution from Ivanti Corporation. Ivanti Desktop and Server Management suffers from a privilege issue vulnerability that stems from insufficient privileges. An attacker could exploit this vulnerabilit...