11 matches found
CVE-2025-64196
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Reflected XSS. This issue affects Booster for WooCommerce: from n/a through <= 7.2.5...
CVE-2025-64196 WordPress Booster for WooCommerce plugin <= 7.2.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pluggabl Booster for WooCommerce woocommerce-jetpack allows Reflected XSS. This issue affects Booster for WooCommerce: from n/a through <= 7.2.5...
EUVD-2025-24462
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability (CWE-78) in Fortinet FortiSIEM version 7.3.0 through 7.3.1, 7.2.0 through 7.2.5, 7.1.0 through 7.1.7, 7.0.0 through 7.0.3 and before 6.7.9 allows an unauthenticated attacker to execute...
CVE-2021-27253
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handli...
WordPress Booster for WooCommerce plugin <= 7.2.5 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by Peter Thaleikis in WordPress Plugin Booster for WooCommerce versions <= 7.2.5...
CVE-2024-12278
The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via any location that typically sanitizes data using wp_kses, like comments, in all versions up to, and including, 7.2.5 due to insufficient input sanitization and output escaping. This makes it possible...
Malicious code in storage-atom (npm)
Source: ghsa-malware 1f8d850e9e2955072a6fa29c079bda39350473f9ba56b3efec63bcc7e283c563 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2022-34358
IBM i 7.2, 7.3, 7.4, and 7.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 230516...
PT-2020-12693 · Nch · Express Invoice
Name of the Vulnerable Software and Affected Versions: NCH Express Invoice version 7.25 Description: The issue allows local users to discover the cleartext password by reading the configuration file. Recommendations: For version 7.25, consider restricting access to the configuration file to...
IBM Security QRadar SIEM Directory Traversal Vulnerability
IBM Security QRadar SIEM is an IBM solution for consolidating log-sourced event data from thousands of devices and applications dispersed throughout the network. A directory traversal vulnerability exists in IBM Security QRadar SIEM 7.2.5 Patch 6 prior to the 7.2.x release. A remote attacker can...
IBM Security QRadar Incident Forensics Session Hijacking Vulnerability
IBM Security QRadar Incident Forensics is a suite of security forensic investigation software from IBM. The software supports in-depth forensic investigations of suspected malicious network security incidents and the repair of network security vulnerabilities. IBM Security QRadar Incident Forensics 7.2...