18 matches found
BIT-MYSQL-CLIENT-2026-44168 MariaDB: wsrep SST unsafe parameter handling on the donor side
MariaDB server is a community developed fork of MySQL server. From versions 10.6.1 to before 10.6.26, 10.11.1 to before 10.11.17, 11.4.1 to before 11.4.11, 11.8.1 to before 11.8.7, and 12.3.1, during the SST the donor node is interpolating parameters that the joiner sent into the command line. No...
BIT-MYSQL-CLIENT-2026-49261 MariaDB server has unsafe parameter handling in `wsrep_notify_cmd`
MariaDB server is a community developed fork of MySQL server. Versions 10.6.1 through 10.6.26, 10.11.1 through 10.11.17, 11.4.1 through 11.4.11, 11.8.1 through 11.8.7, and 12.3.1 with wsrepnotifycmd enabled would execute shell commands embedded in the name of the joiner node. This is fixed in...
CVE-2026-48163
CVE-2026-48163 affects MariaDB (wsrep SST): during donor–donor synchronization, the donor interpolates parameters from the joiner in the SST rsync command line, and not all parameters are validated. This could allow a malicious joiner to execute arbitrary shell commands on the donor side. Patched...
MCP-GMX-VMD 注入漏洞
MCP-GMX-VMD is an integrated tool for molecular dynamics simulation and visualization developed by EgT’s individual developers. Versions of MCP-GMX-VMD 0.1.0 and earlier contained a injection vulnerability. This vulnerability stemmed from incorrect handling of parameters such as structurefile and...
CVE-2025-30044 RCE on uhcapache user permissions
In the endpoints "/cgi-bin/CliniNET.prd/utils/usrlogstatsimple.pl", "/cgi-bin/CliniNET.prd/utils/usrlogstat.pl", "/cgi-bin/CliniNET.prd/utils/userlogstat2.pl", and "/cgi-bin/CliniNET.prd/utils/dblogstat.pl", the parameters are not sufficiently normalized, which enables code injection...
CVE-2025-14719 Relevanssi (Free < 4.26.0, Premium < 2.29.0) - Contributor+ SQLi
The Relevanssi WordPress plugin before 4.26.0, Relevanssi Premium WordPress plugin before 2.29.0 do not sanitize and escape a parameter before using it in a SQL statement, allowing contributor and above roles to perform SQL injection attacks...
WordPress plugin Rich Snippet Site Report SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. WordPress Rich Snippet Site Report plugin suffers from a SQL injection vulnerability that stems from insufficient cleanup and escaping of user-supplied parameter last and...
CVE-2025-29180
In FOXCMS =1.25, the installdb.php file has a time - based blind SQL injection vulnerability. The urlprefix, domain, and mywebsite POST parameters are directly concatenated into SQL statements without filtering...
Improperly Controlled Modification of Dynamically-Determined Object Attributes
Overview camaleoncms is a dynamic and advanced content management system based on Ruby on Rails as an alternative to Wordpress. Affected versions of this package are vulnerable to Improperly Controlled Modification of Dynamically-Determined Object Attributes via the updatedajax method of the...
The vulnerability of D-Link DSL-3782 router microprogramming software, related to the lack of measures to neutralize special elements, allows a hacker to execute arbitrary commands.
The vulnerability of D-Link DSL-3782 router’s microprogramming software is related to the lack of measures taken to neutralize special elements during the processing of parameters sambawg and sambanbn. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
WordPress plugin WordPress Brute Force Protection 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin WordPress Brute Force...
CVE-2024-8735
The MailMunch – Grow your Email List plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 3.1.8. This makes it possible for unauthenticated attackers to inject arbitrary web...
WordPress plugin wp-cart-for-digital-products security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin Unlimited Elements For Elementor (Free Widgets, Addons, Templates) security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress...
DAR-8000-10 Deserialization Vulnerability in AUO Electronic Devices (Shanghai) Co.
DAR-8000-10 is the Internet Behavior Audit Gateway from China AUO D-Link. AUO DAR-8000-10 20230922 and earlier versions have a deserialization vulnerability that originates from the unsafe deserialization of the parameter sql of the file /importhtml.php when receiving serialized data submitted by...
PT-2023-20502 · Safe-Eval · Safe-Eval
Name of the Vulnerable Software and Affected Versions: safe-eval versions all Description: The issue arises from improper sanitization of the parameter content in the safeEval function, leading to Prototype Pollution. This affects all versions of the safe-eval package. Recommendations: For all...
TuziCMS suffers from arbitrary file deletion vulnerability (CNVD-2020-62425)
TuziCMS TC for short is an enterprise web content management system based on PHP+MySql. TuziCMS has an arbitrary file deletion vulnerability. The vulnerability is due to the system parameters are not user-submitted data filtering or processing caused by an attacker can be exploited to delete...
USN-3272-1 ghostscript vulnerabilities
It was discovered that Ghostscript improperly handled parameters to the rsdparams and eqproc commands. An attacker could use these to craft a malicious document that could disable -dSAFER protections, thereby allowing the execution of arbitrary code, or cause a denial of service application crash...