20 matches found
PT-2025-14818 · Unknown · Projectworlds Online Doctor Appointment Booking System
Name of the Vulnerable Software and Affected Versions: projectworlds Online Doctor Appointment Booking System version 1.0 Description: A critical issue was found in the projectworlds Online Doctor Appointment Booking System. The vulnerability affects an unknown functionality of the file...
PT-2025-3801 · Codezips · Codezips Gym Management System
Name of the Vulnerable Software and Affected Versions: Codezips Gym Management System version 1.0 Description: A critical issue has been found in the Codezips Gym Management System, affecting an unknown functionality of the file /dashboard/admin/submit_payments.php. The manipulation of the m_id...
PT-2024-17026 · 115Cms · 115Cms
Name of the Vulnerable Software and Affected Versions: 115cms versions up to 20240807 Description: A vulnerability was found in the processing of the file /app/admin/view/web_user.html, where the manipulation of the argument ks leads to cross-site scripting. The attack may be initiated remotely...
PT-2024-28779 · Unknown · Boa Web Server +1
Name of the Vulnerable Software and Affected Versions: Vilo 5 Mesh WiFi System versions 5.16.1.33 and earlier Description: The issue concerns a lack of authentication in the Boa webserver, allowing remote, unauthenticated attackers to retrieve logs containing sensitive system information...
PT-2024-32542 · Elementor · Elementsready Addons For Elementor
Name of the Vulnerable Software and Affected Versions: ElementsReady Addons for Elementor versions n/a through 6.4.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Stored XSS attacks...
PT-2024-37781 · Tnb Mobile Solutions · Tnb Mobile Solutions Cockpit
Name of the Vulnerable Software and Affected Versions: TNB Mobile Solutions Cockpit Software versions prior to v2.13 Description: The issue is related to the use of hard-coded credentials in TNB Mobile Solutions Cockpit Software, allowing unauthorized access to read sensitive strings within an...
PT-2024-38071 · WordPress · Essential Addons For Elementor
Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress versions up to, and including, 5.9.27 Description: The issue is related to Stored Cross-Site Scripting via the no more...
PT-2024-29006 · Netbox · Netbox
Name of the Vulnerable Software and Affected Versions: netbox version 4.0.3 Description: A cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at "/dcim/interfaces/add/". Recommendations: For netbox versio...
PT-2024-28718 · Unknown +1 · Opensearch +1
Name of the Vulnerable Software and Affected Versions: OpenSearch versions prior to 2.14 Description: An issue in the OpenSearch reporting plugin allows unintended access to private tenant resources like notebooks. The system did not properly check if the user was the resource author when accessi...
PT-2024-28414 · WordPress · Element Pack Elementor Addons
Name of the Vulnerable Software and Affected Versions: The Element Pack Elementor Addons plugin for WordPress versions up to, and including, 5.6.3 Description: The issue arises from the plugin not properly checking all variations of an administrator's email, allowing unauthenticated attackers to...
PT-2024-21309 · Fujian Kelixin · Fujian Kelixin Communication Command/Dispatch Platform
Name of the Vulnerable Software and Affected Versions: Fujian Kelixin Communication Command and Dispatch Platform up to 20240318 Description: A critical issue has been found, affecting an unknown part of the file /api/client/editemedia.php. The manipulation of the enterprise_uuid argument leads t...
PT-2024-18092 · Themeisle · Orbit Fox
Name of the Vulnerable Software and Affected Versions: The Orbit Fox by ThemeIsle plugin for WordPress versions up to, and including, 2.10.30 Description: The issue is related to Stored Cross-Site Scripting via the form widget addr2_width attribute due to insufficient input sanitization and outpu...
PT-2024-14023 · Ibm · Ibm Powersc
Name of the Vulnerable Software and Affected Versions: IBM PowerSC versions 1.3 through 2.1 Description: The issue is related to the lack of logout functionality, which could allow an authenticated user to gain access to an unauthorized user using session fixation. Recommendations: For IBM PowerS...
PT-2023-12954 · Nokia · Nokia Netact
Name of the Vulnerable Software and Affected Versions: Nokia NetAct version 22 Description: An issue was discovered in the Administration of Measurements website section, where a malicious user can edit or add the templateName parameter to include malicious code. This code is then downloaded as a...
PT-2023-34042 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.86 Description: The issue is related to a null pointer dereference in the hugetlbfs_parse_param function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kern...
PT-2022-22356 · Jenkins · Jenkins Opsgenie Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins OpsGenie Plugin versions 1.9 and earlier Description: The issue concerns the transmission and storage of API keys in plain text. Specifically, API keys are transmitted in plain text as part of the global Jenkins configuration form and...
PT-2021-4449 · D Link · Dsr-500N
Name of the Vulnerable Software and Affected Versions: D-Link DSR-500N version 1.02; D-Link DSR-500N versions prior to 2.12/2 Description: The issue is related to hard-coded credentials for undocumented user accounts in the '/etc/passwd' file. If an attacker recovers the cleartext password of the...
PT-2025-26460
Name of the Vulnerable Software and Affected Versions: Edimax EW-7438RPn versions 1.13 and prior Description: An OS command injection issue exists, allowing an authenticated attacker to inject shell commands and achieve arbitrary command execution as the root user. This is due to the improper...
PT-2019-3196 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue is related to a driver vulnerability in the ws2ifsl.sys Winsock component of the Windows operating system, which is associated with errors in processing objects in...
PT-2009-3491
Name of the Vulnerable Software and Affected Versions: Microsoft Visual Studio .NET versions 2003 SP1 through 2008; Microsoft Visual C++ versions 2005 SP1 through 2008 SP1; Windows versions 2000 SP4 through XP SP3, Server 2003 SP2, Vista Gold through SP2, and Server 2008 Gold through SP2 Description...