15 matches found
WordPress plugin Happy Addons for Elementor 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...
CVE-2025-67940
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Powerlift powerlift allows PHP Local File Inclusion.This issue affects Powerlift: from n/a through 3.2.1...
CVE-2026-22856
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race in the serial channel IRP thread tracking allows a heap use‑after‑free when one thread removes an entry from serial-IrpThreads while another reads it. This vulnerability is fixed in 3.20.1...
PT-2026-3460
Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.21.0 Description The issue is a buffer overflow in the Glyph Alloc function of the FreeRDP Remote Desktop Protocol client. The FastGlyph parsing component trusts the cbData/remaining length and does not validate it...
WordPress Compare Products for WooCommerce plugin <= 3.2.1 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Compare Products for WooCommerce versions = 3.2.1...
EUVD-2025-202140
Missing Authorization vulnerability in Mikado-Themes Powerlift powerlift allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Powerlift: from n/a through 3.2.1...
EUVD-2025-27724
Malicious code in bioql PyPI...
CVE-2025-58442 Saleor has user enumeration vulnerability due to different error messages
Saleor is an e-commerce platform. Starting in version 3.21.0 and prior to version 3.21.16, requesting certain fields in the response of accountRegister may result in errors that could unintentionally reveal whether a user with the provided email already exists in Saleor. Version 3.21.16 fixes the...
CVE-2023-0878
Cross-site Scripting XSS - Generic in GitHub repository nuxt/framework prior to 3.2.1...
CVE-2022-48175
Rukovoditel v3.2.1 was discovered to contain a remote code execution RCE vulnerability in the component /rukovoditel/index.php?module=dashboard/ajaxrequest...
CVE-2025-26751
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fahad Mahmood Alphabetic Pagination alphabetic-pagination allows Reflected XSS.This issue affects Alphabetic Pagination: from n/a through = 3.2.1...
Nagios NRPE Heap Buffer Overflow Vulnerability
Nagios NRPE is an extension of Nagios to execute plug-in programs on remote Linux/Unix hosts. A heap buffer overflow vulnerability exists in Nagios NRPE 3.2.1. An attacker could exploit this vulnerability to cause a denial of service...
iScripts EasyCreate cross-site scripting vulnerability (CNVD-2018-08315)
IScripts EasyCreate is a set of online website builder from Iscripts, Inc. The tool can be used on the server for the client to provide website building services , belong to the fully customizable . A cross-site scripting vulnerability exists in the Site title field in IScripts EasyCreate version...
kernel: igmp: Avoid zero delay when receiving odd mixture of IGMP queries
The igmpheardquery function in net/ipv4/igmp.c in the Linux kernel before 3.2.1 allows remote attackers to cause a denial of service divide-by-zero error and panic via IGMP packets...
[LoWNOISE] Tomcat 3.2.1 ..0 DoS (WinNT)
-- LoWNOISE Aug/2001 -- Jakarta-Tomcat v3.2.1 Maybe Others Tested on: Apache 1.3.19 WinNT 4.0 The Problems: --Path Revealing and Method discovery Example: http://host/index.jsp Error: 500 Location: /index.jsp Internal Servlet Error: org.apache.jasper.JasperException: Unable to compile class for J...