29 matches found

Positive Technologies
added 2026/03/28 12:00 a.m. · 3 views

PT-2026-28715

Name of the Vulnerable Software and Affected Versions: Sinaptik AI PandasAI versions up to 3.0.0 Description: A security flaw exists in Sinaptik AI PandasAI up to version 3.0.0. The issue resides within the is_sql_query_safe function located in the pandasai/helpers/sql_sanitizer.py file, allowing f...

6.9 CVSS · 5.7 AI score · 0.00085 EPSS
Exploits 0 · References 6
EUVD
added 2025/10/03 8:07 p.m. · 4 views

EUVD-2025-18328

Malicious code in bioql PyPI...

6.5 CVSS · 6.4 AI score · 0.01381 EPSS
Exploits 0 · References 3
Positive Technologies
added 2025/08/09 12:00 a.m. · 3 views

PT-2025-32457 · Unknown · Portabilis I-Educar

Name of the Vulnerable Software and Affected Versions: Portabilis i-Educar versions up to 2.9 Description: A problematic issue exists in Portabilis i-Educar up to version 2.9, specifically within the Cadastrar Vínculo Page. The issue involves the manipulation of the nome argument in the...

5.4 CVSS · 6.7 AI score · 0.00233 EPSS
Exploits 1 · References 11
Patchstack
added 2025/07/15 11:45 a.m. · 4 views

WordPress Restrict File Access plugin <= 1.1.2 - Cross-Site Request Forgery to Arbitrary File Deletion vulnerability

Cross-Site Request Forgery to Arbitrary File Deletion vulnerability discovered by johska in WordPress Plugin Restrict File Access versions <= 1.1.2...

8.1 CVSS · 6.8 AI score · 0.00285 EPSS
Exploits 0 · References 1 · Affected Software 1
Vulnrichment
added 2025/07/15 11:20 a.m. · 3 views

CVE-2025-7667 Restrict File Access <= 1.1.2 - Cross-Site Request Forgery to Arbitrary File Deletion

The Restrict File Access plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.2. This is due to missing or incorrect nonce validation on the 'restrict-file-access' page. This makes it possible for unauthenticated attackers to delete arbitra...

8.1 CVSS · 7.9 AI score · 0.00285 EPSS
Exploits 0 · References 2
CNNVD
added 2025/07/15 12:00 a.m. · 1 view

WordPress plugin Restrict File Access cross-site request forgery vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

8.1 CVSS · 6.3 AI score · 0.00285 EPSS
Exploits 0 · References 3
RedhatCVE
added 2025/06/16 8:26 a.m. · 4 views

CVE-2025-6070

The Restrict File Access plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.1.2 via the output function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server...

6.5 CVSS · 6.8 AI score · 0.01381 EPSS
Exploits 0 · References 1
CNNVD
added 2025/06/14 12:00 a.m. · 2 views

WordPress plugin Restrict File Access path traversal vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A path traversal vulnerability exis...

6.5 CVSS · 6.7 AI score · 0.01381 EPSS
Exploits 0 · References 3
Positive Technologies
added 2025/06/14 12:00 a.m. · 4 views

PT-2025-25483 · WordPress · Restrict File Access

Name of the Vulnerable Software and Affected Versions: Restrict File Access plugin for WordPress versions up to, and including, 1.1.2 Description: The issue allows authenticated attackers with Subscriber-level access and above to read the contents of arbitrary files on the server, which can conta...

6.5 CVSS · 6.2 AI score · 0.01381 EPSS
Exploits 0 · References 7
Positive Technologies
added 2025/02/12 12:00 a.m. · 2 views

PT-2025-7130 · Q Free · Q-Free Maxtime

Name of the Vulnerable Software and Affected Versions: Q-Free MaxTime versions 2.11.0 and earlier Description: The issue is related to missing authentication for a critical function, allowing an unauthenticated remote attacker to reset arbitrary user passwords via crafted HTTP requests. This is d...

9.8 CVSS · 7.5 AI score · 0.00992 EPSS
Exploits 0 · References 3
Positive Technologies
added 2024/11/01 12:00 a.m. · 2 views

PT-2024-16407 · Safenet · Esafenet Cdg

Name of the Vulnerable Software and Affected Versions: ESAFENET CDG version 5 Description: A critical issue affects the delProtocol function of the file /com/esafenet/servlet/system/PrintScreenListService.java. The manipulation of the id argument leads to SQL injection. The attack may be initiate...

8.8 CVSS · 7.1 AI score · 0.00097 EPSS
Exploits 1 · References 8
Positive Technologies
added 2024/02/01 12:00 a.m. · 2 views

PT-2024-2073 · Dataease · Dataease

Name of the Vulnerable Software and Affected Versions: Dataease versions prior to 1.18.15 Dataease versions prior to 2.3.0 Description: A deserialization vulnerability exists in the DataEase datasource, which can be exploited to execute arbitrary code. The location of the vulnerability code is...

9.4 CVSS · 7.9 AI score · 0.00598 EPSS
Exploits 1 · References 7
Positive Technologies
added 2024/01/19 12:00 a.m. · 3 views

PT-2024-15796 · Unknown · Hecheng Leadshop

Name of the Vulnerable Software and Affected Versions: Hecheng Leadshop versions up to 1.4.20 Description: A critical issue was found in Hecheng Leadshop, affecting an unknown function of the file /web/leadshop.php. The manipulation of the install argument leads to deserialization. It is possible...

9.8 CVSS · 7.5 AI score · 0.00189 EPSS
Exploits 0 · References 7
Positive Technologies
added 2024/01/15 12:00 a.m. · 3 views

PT-2024-13959 · Traccar · Traccar

Name of the Vulnerable Software and Affected Versions: Traccar versions prior to 5.11 Description: Traccar, an open source GPS tracking system, is affected by an unrestricted file upload vulnerability in the File feature. This allows attackers to execute arbitrary code on the server. The issue is...

9.8 CVSS · 9.6 AI score · 0.0007 EPSS
Exploits 0 · References 5
Positive Technologies
added 2023/11/15 12:00 a.m. · 3 views

PT-2023-8942 · Gpac +2 · Gpac +2

Name of the Vulnerable Software and Affected Versions: GPAC version 2.3-DEV-rev566-g50c2ab06f-master Description: The issue is related to the gf_filterpacket_del function in the /gpac/src/filter_core/filter.c file of the GPAC multimedia platform. It involves incorrect use of dynamic memory, which...

7.8 CVSS · 6.7 AI score · 0.00047 EPSS
Exploits 4 · References 14
Positive Technologies
added 2023/07/25 12:00 a.m. · 3 views

PT-2023-26794 · Gnu +3 · Gdb +3

Name of the Vulnerable Software and Affected Versions: GNU gdb GDB version 13.0.50.20220805-git Description: A stack overflow issue was discovered in the function ada_decode at /gdb/ada-lang.c. This issue affects the GNU gdb GDB debugger. Recommendations: For GNU gdb GDB version...

6.5 CVSS · 5.8 AI score · 0.00104 EPSS
Exploits 2 · References 29
Positive Technologies
added 2023/06/22 12:00 a.m. · 3 views

PT-2023-3612 · Advantech · Advantech R-Seenet

Name of the Vulnerable Software and Affected Versions: Advantech R-SeeNet version 2.4.22 Description: The issue is related to incorrect external control of a file name or path, allowing a remote attacker to gain unauthorized access to local files by sending specially crafted HTTP requests. This c...

9 CVSS · 8 AI score · 0.00088 EPSS
Exploits 0 · References 7
Positive Technologies
added 2023/04/11 12:00 a.m. · 2 views

PT-2023-6440 · Adobe · Acrobat Reader

Name of the Vulnerable Software and Affected Versions: Adobe Acrobat Reader versions 23.001.20093 and earlier Adobe Acrobat Reader versions 20.005.30441 and earlier Description: The issue is related to a use-after-free vulnerability that could result in arbitrary code execution in the context of...

7.8 CVSS · 7.6 AI score · 0.00236 EPSS
Exploits 0 · References 6
Positive Technologies
added 2023/04/04 12:00 a.m. · 3 views

PT-2023-21333 · Wondershare · Wondershare Anireel

Name of the Vulnerable Software and Affected Versions: Wondershare Anireel version 1.5.4 Description: An issue in Wondershare Anireel allows a remote attacker to execute arbitrary commands via the anireel_setup_full9589.exe file. Recommendations: For Wondershare Anireel version 1.5.4, consider...

7.8 CVSS · 8 AI score · 0.00151 EPSS
Exploits 1 · References 4
Positive Technologies
added 2023/03/29 12:00 a.m. · 4 views

PT-2023-17163 · Xunruicms · Xunruicms

Name of the Vulnerable Software and Affected Versions: Xunrui CMS version 4.61 Description: A problematic issue has been found in the processing of the file /dayrui/My/View/main.html, leading to information disclosure. The attack may be initiated remotely. Recommendations: For Xunrui CMS version...

7.5 CVSS · 4.8 AI score · 0.00332 EPSS
Exploits 1 · References 6