13 matches found
[SECURITY] Fedora 44 Update: grub2-breeze-theme-6.6.4-1.fc44
Breeze theme for GRUB...
EUVD-2021-23250
Malware in sbrugna...
EUVD-2022-41777
Malicious code in bioql PyPI...
PT-2025-27087 · Mbstore · Mbstore
Name of the Vulnerable Software and Affected Versions: MBStore - Digital WooCommerce WordPress Theme versions 2.3 and earlier Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows...
PT-2025-24607 · WordPress · Rh - Real Estate Wordpress Theme
Name of the Vulnerable Software and Affected Versions: RH - Real Estate WordPress Theme versions prior to 4.4.1 Description: The issue is related to privilege escalation due to the theme not properly restricting user roles that can be updated as part of the inspiry update profile function. This...
PT-2025-22681 · WordPress · Gavias Kiamo - Responsive Business Service Wordpress Theme
Name of the Vulnerable Software and Affected Versions: gavias Kiamo - Responsive Business Service WordPress Theme versions 1.3.3 and earlier Description: The issue affects the gavias Kiamo - Responsive Business Service WordPress Theme, allowing for PHP Local File Inclusion due to improper control...
WordPress TemplateSpare plugin <= 2.4.2 - Missing Authorization to Authenticated (Subscriber+) Theme Update vulnerability
Missing Authorization to Authenticated (Subscriber+) Theme Update vulnerability discovered by Lucio Sá in WordPress Plugin TemplateSpare versions <= 2.4.2...
PT-2024-12660 · Phlox · Phlox
Name of the Vulnerable Software and Affected Versions: Shortcodes and extra features for Phlox theme versions n/a through 2.14.0 Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a 'Path Traversal' vulnerability. This vulnerability...
PT-2023-25049 · Unknown · Fossbilling
Name of the Vulnerable Software and Affected Versions: fossbilling/fossbilling versions prior to 0.5.3 Description: The issue involves an unrestricted upload of a file with a dangerous type. This can potentially lead to remote code execution (RCE) in FossBilling. The problem is related to the...
CVE-2021-36654
CMSuno 1.7 is vulnerable to an authenticated stored cross site scripting in modifying the filename parameter (tgo) while updating the theme...
Cross site scripting
CMSuno 1.7 is vulnerable to an authenticated stored cross site scripting in modifying the filename parameter (tgo) while updating the theme...
WordPress Minblr Theme - File Upload Arbitrary Code Execution
A "themify-ajax.php" file upload arbitrary PHP code execution vulnerability was found in WordPress Minblr theme. Solution Update the theme...
Fedora Core 5 : gdm-2.14.1-1.fc5.2 (2006-338)
Notes taken from upstream release mail - The sockets connection between the slaves and the GDM daemon is now better managed to better ensure that sockets are never left open. Brian Cameron - Corrected bug that causes a core dump when you click on gdmgreeter fields that have an id. Brian Cameron -...