110 matches found
WordPress Depicter plugin cross-site request forgery vulnerability
WordPress Depicter plugin is a slider, popup and rotator image creation tool designed for WordPress, offering a no-code interface and rich customization features. The WordPress Depicter plugin suffers from a cross-site request forgery vulnerability, which originates from a web application that do...
CVE-2025-60306
code-projects Simple Car Rental System 1.0 has a permission bypass issue where low privilege users can forge high privilege sessions and perform sensitive operations...
PT-2025-41577
Name of the Vulnerable Software and Affected Versions: code-projects Simple Car Rental System version 1.0. Description: A permission bypass issue exists that allows low privilege users to forge high privilege sessions and perform sensitive operations. Recommendations: At the moment, there is no...
CVE-2025-60306
CVE-2025-60306 affects Code-Projects’ Simple Car Rental System 1.0. The issue is a permission bypass where a low-privilege user can forge and obtain high-privilege sessions to perform sensitive operations. Metrics assign a CRITICAL 9.9 CVSS v3.1 score with network exploitability, low attack compl...
PT-2025-41574
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Student Clearance System version 1.0. Description: The application has a flaw in access control. This allows users with limited privileges to create sessions with higher privileges and perform actions that should be...
EUVD-2025-33745
code-projects Simple Car Rental System 1.0 has a permission bypass issue where low privilege users can forge high privilege sessions and perform sensitive operations...
EUVD-2020-4015
Malware in sbrugna...
EUVD-2020-11185
Malware in sbrugna...
EUVD-2025-29265
Malicious code in bioql PyPI...
EUVD-2022-52788
Malicious code in bioql PyPI...
IBM Storage TS4500 Library Cross-Site Request Forgery Vulnerability
IBM Storage TS4500 Library is a next-generation tape storage solution from IBM designed to help mid-sized and large enterprises meet the challenges of cloud storage, enabling high-density data storage and flexible scaling through LTO technology. The IBM Storage TS4500 Library suffers from a...
SourceCodester Web-based Pharmacy Product Management System security vulnerability
SourceCodester Web-based Pharmacy Product Management System is a SourceCodester open source web-based pharmacy product management system. A security vulnerability exists in the SourceCodester Web-based Pharmacy Product Management System version 1.0, which stems from improper access control and...
WordPress CBX Restaurant Booking plugin cross-site request forgery attack vulnerability
WordPress CBX Restaurant Booking plugin is a restaurant booking plugin for WordPress websites that allows users to book restaurant seats online. The plugin supports online booking, instant confirmation, personalized notifications and other features that automate the booking process and reduce...
PHPGurukul Complaint Management System security vulnerability
Complaint Management System is a complaint management system. The Complaint Management System suffers from a cross-site request forgery vulnerability that arises from a web application that does not adequately validate that a request is coming from a trusted user. An attacker could use this...
Endress+Hauser MEAC300-FNADE4 security vulnerability
The Endress+Hauser MEAC300-FNADE4 is a cost-effective emissions data management computer from Endress+Hauser Vietnam. The Endress+Hauser MEAC300-FNADE4 suffers from a cross-site request forgery vulnerability that arises from a web application that does not adequately validate that a request is...
CVE-2020-19280
Jeesns 1.4.2 contains a cross-site request forgery (CSRF) which allows attackers to escalate privileges and perform sensitive program operations...
GitLab Enterprise Edition (EE) and GitLab Community Edition (CE) security vulnerability
GitLab Enterprise Edition (EE) and GitLab Community Edition (CE) are both products of GitLab, Inc. GitLab Enterprise Edition is a content management system. A security vulnerability exists in GitLab Enterprise Edition (EE) and GitLab Community...