284 matches found
Payara Server Security Vulnerability
Payara Server is a cloud-native, innovative, open source middleware platform from Payara UK. A security vulnerability exists in Payara Server that stems from improper input neutralization leading to cross-site scripting and remote code inclusion. The following versions are affected: versions prio...
PT-2025-14390 · Digiwidgets · Digiwidgets Image Editor
Name of the Vulnerable Software and Affected Versions: DigiWidgets Image Editor versions 1.10 and earlier. Description: The issue is related to an Improper Control of Generation of Code 'Code Injection' vulnerability, which allows Remote Code Inclusion. This means that an attacker could potentiall...
PT-2025-14394 · Unknown · Adamskaat Countdown & Clock
Name of the Vulnerable Software and Affected Versions: adamskaat Countdown & Clock versions n/a through 2.8.8. Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a 'Path Traversal' vulnerability, which allows Remote Code Inclusion. Th...
CVE-2025-28893
Improper Control of Generation of Code 'Code Injection' vulnerability in Govind Visual Text Editor visual-text-editor allows Remote Code Inclusion. This issue affects Visual Text Editor: from n/a through = 1.2.1...
CVE-2025-28893
CVE-2025-28893 affects the WordPress plugin Visual Text Editor (versions up to 1.2.1). The vulnerability is described as a code-generation/remote code execution issue, with the CWE suggesting code injection via generation of code, and the CVE entry noting Remote Code Execution. The issue appears...
WordPress plugin Visual Text Editor Code Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code injection...
CVE-2025-24677
Improper Control of Generation of Code 'Code Injection' vulnerability in wpspin Post/Page Copying Tool postpage-import-export-with-custom-fields-taxonomies allows Remote Code Inclusion. This issue affects Post/Page Copying Tool: from n/a through = 2.0.3...
CVE-2024-5683
Improper Control of Generation of Code 'Code Injection' vulnerability in Next4Biz CRM & BPM Software Business Process Management BPM allows Remote Code Inclusion. This issue affects Business Process Management BPM: from 6.6.4.4 before 6.6.4.5...
CVE-2024-26289
Deserialization of Untrusted Data vulnerability in PMB Services PMB allows Remote Code Inclusion. This issue affects PMB: from 7.5.1 before 7.5.6-2, from 7.4.1 before 7.4.9, from 7.3.1 before 7.3.18...
PT-2025-5497 · WordPress · Wpspins Post/Page Copying Tool
Name of the Vulnerable Software and Affected Versions: WPSpins Post/Page Copying Tool versions 0 through 2.0.3. Description: The issue is related to improper control of code generation, allowing remote code inclusion due to a code injection flaw. This enables remote code inclusion, posing a...
CVE-2024-13503 Stack-Based Buffer Overflow in Newtec's update signaling causes RCE
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in Newtec NTC2218, NTC2250, NTC2299 on Linux, PowerPC, ARM Updating signaling process in the swdownload binary modules allows Local Execution of Code, Remote Code Inclusion. This issue affects NTC2218, NTC2250,...
CVE-2024-13503
CVE-2024-13503 affects Newtec NTC2218, NTC2250 and NTC2299 on Linux (PowerPC/ARM). A stack buffer overflow in the swdownload binary is caused by an unrestricted sscanf in the parse_INFO function, reading an incoming network packet into a fixed-size buffer. This leads to arbitrary code execution w...
[SECURITY] [DLA 3984-1] zabbix security update
Debian LTS Advisory DLA-3984-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost December 07, 2024 https://wiki.debian.org/LTS Package : zabbix Version : 1:5.0.45+dfsg-1+deb11u1 CVE ID : CVE-2024-36464 CVE-2024-42330 CVE-2024-42331 CVE-2024-42332 CVE-2024-42333 Debian...
Debian dla-3984 : zabbix-agent - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3984 advisory. Debian LTS Advisory DLA-3984-1 [email protected]...
Vulnerabilities fixed in ABB ASPECT, NEXUS Series and MATRIX Series
ABB has fixed vulnerabilities in ABB ASPECT, NEXUS Series and MATRIX Series, specifically for versions up to 3.08.02. The vulnerabilities include unauthorized access to files on the Web server, which can lead to data leakage or unauthorized data manipulation. In addition, serious vulnerabilities...
CVE-2024-8215
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Payara Platform Payara Server Admin Console modules allows Remote Code Inclusion. This issue affects Payara Server: from 5.20.0 before 5.68.0, from 6.0.0 before 6.19.0, from 6.2022.1 before...
CVE-2024-8215 Payload Injection Attack via Management REST interface
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Payara Platform Payara Server Admin Console modules allows Remote Code Inclusion. This issue affects Payara Server: from 5.20.0 before 5.68.0, from 6.0.0 before 6.19.0, from 6.2022.1 before...