224 matches found

CNNVD
added 2025/10/15 12:0 a.m. | 4 views

WordPress plugin Outdoor SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress plugin is an application plugin. WordPress Outdoor plugin suffers from a SQL injection vulnerability that stems from a lack of validation of the edit parameter. An attacker can exploit this vulnerability to...

CVSS 7.5 | AI score 8.2 | EPSS 0.00342
Exploits: 0 | References: 4

CNVD
added 2025/10/15 12:0 a.m. | 5 views

E-Commerce Website product_add_qty.php file SQL injection vulnerability

E-Commerce Website is an e-commerce website. E-Commerce Website suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter prodid in file /pages/productaddqty.php. An attacker can exploit this vulnerability to execu...

CVSS 9.8 | AI score 8.3 | EPSS 0.00359
Exploits: 1 | References: 1

CNNVD
added 2025/10/15 12:0 a.m. | 2 views

Linux kernel security vulnerability

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an unvalidated ringlen parameter, which could lead to a hardware memory context error...

AI score 5.9 | EPSS 0.00193
Exploits: 0 | References: 8

Vulnrichment
added 2025/10/14 6:0 a.m. | 2 views

CVE-2025-8594 Pz-LinkCard < 2.5.7 - Contributor+ SSRF

The Pz-LinkCard WordPress plugin before 2.5.7 does not validate a parameter before making a request to it, which could allow users with a role as low as Contributor to perform SSRF attack...

AI score 6.3 | EPSS 0.00177
Exploits: 0 | References: 1

CNNVD
added 2025/10/13 12:0 a.m. | 5 views

WeGIA cross-site scripting vulnerability

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A cross-site scripting vulnerability exists in WeGIA versions prior to 3.5.1, which stems from an unvalidated log parameter in configuracaogeral.php and could lead to a reflective cross-site scripting...

CVSS 6.1 | AI score 6 | EPSS 0.00234
Exploits: 1 | References: 3

CNVD
added 2025/10/13 12:0 a.m. | 6 views

WordPress Community Events plugin SQL Injection Vulnerability

WordPress Community Events plugin is a plugin that allows users to submit events. Users can publish event information independently through the website form, while the administrator can retain the final right to review the calendar content. A SQL injection vulnerability exists in the WordPress...

CVSS 9.8 | AI score 7.7 | EPSS 0.00358
Exploits: 0 | References: 1

CNNVD
added 2025/10/08 12:0 a.m. | 6 views

Curo UC300 security vulnerability

Curo UC300 is a video phone device from Curo UK. A security vulnerability exists in Curo UC300 version 5.42.1.7.1.63R1, which stems from an unvalidated IP Addr parameter that could lead to an OS command injection attack...

CVSS 8.8 | AI score 7.3 | EPSS 0.01161
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 7 views

EUVD-2018-7372

Malware in sbrugna...

CVSS 7.5 | AI score 7.8 | EPSS 0.02373
Exploits: 1 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 6 views

EUVD-2017-13013

Malware in sbrugna...

CVSS 5.9 | AI score 5.9 | EPSS 0.02474
Exploits: 0 | References: 4

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2019-2517

Malware in sbrugna...

CVSS 5.5 | AI score 6.8 | EPSS 0.00984
Exploits: 1 | References: 4

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2022-40759

Malicious code in bioql PyPI...

CVSS 6.1 | AI score 6.4 | EPSS 0.0067
Exploits: 0 | References: 5

EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2023-48140

Malicious code in bioql PyPI...

CVSS 6.1 | AI score 6.4 | EPSS 0.00312
Exploits: 0 | References: 2

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2025-27630

Malicious code in bioql PyPI...

CVSS 6.1 | AI score 6.4 | EPSS 0.00203
Exploits: 0 | References: 2

CNNVD
added 2025/10/01 12:0 a.m. | 4 views

ERPNext security vulnerability

ERPNext is an open source enterprise resource planning solution from ERPNext India. A security vulnerability exists in ERPNext version 15.57.5, which stems from an unvalidated txt parameter that could lead to an SQL injection attack...

CVSS 8.2 | AI score 7.7 | EPSS 0.00315
Exploits: 1 | References: 2

CNNVD
added 2025/09/29 12:0 a.m. | 2 views

Liferay Portal and Liferay DXP cross-site scripting vulnerability

Liferay Portal and Liferay DXP are both products of Liferay, Inc. Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

CVSS 6.1 | AI score 5.8 | EPSS 0.00224
Exploits: 0 | References: 1

Veracode
added 2025/09/16 6:34 a.m. | 4 views

Denial Of Service (DoS)

pyLoad-ng is vulnerable to Denial of Service (DoS). The vulnerability is due to improper input validation because the jk parameter is passed directly to dykpy.evaljs without verification, allowing crafted input to exhaust CPU resources and render the web UI unresponsive...

CVSS 8.7 | AI score 7 | EPSS 0.003
Exploits: 0 | References: 3 | Affected Software: 1

CNVD
added 2025/09/12 12:0 a.m. | 2 views

ChanCMS SQL Injection Vulnerability

ChanCMS is a content management system. ChanCMS 3.3.0 and earlier versions suffer from a SQL injection vulnerability, which originates from the lack of validation of the Search parameter key in the app/modules/api/service/Api.js function against external input SQL statements. An attacker can...

CVSS 8.8 | AI score 7 | EPSS 0.01195
Exploits: 0 | References: 1

CVE
added 2025/09/11 6:0 a.m. | 19 views

CVE-2025-9034

CVE-2025-9034 concerns the WordPress plugin Wp Edit Password Protected (prior to v1.3.5). The issue is an Open Redirect caused by not validating the parameter before redirecting to its value, enabling redirection to an arbitrary URL. Affected product: Wp Edit Password Protected – Create Password ...

CVSS 6.1 | AI score 6.3 | EPSS 0.00203
Exploits: 0 | References: 1

Vulnrichment
added 2025/09/11 6:0 a.m. | 1 views

CVE-2025-9034 Wp Edit Password Protected < 1.3.5 - Open Redirect

The Wp Edit Password Protected WordPress plugin before 1.3.5 does not validate a parameter before redirecting the user to its value, leading to an Open Redirect issue...

AI score 6.3 | EPSS 0.00203
Exploits: 0 | References: 1

Positive Technologies
added 2025/09/11 12:0 a.m. | 2 views

PT-2025-37118

Name of the Vulnerable Software and Affected Versions: Wp Edit Password Protected WordPress plugin versions prior to 1.3.5. Description: The Wp Edit Password Protected WordPress plugin does not validate a parameter before redirecting the user to its value, resulting in an Open Redirect issue...

CVSS 6.1 | AI score 6.3 | EPSS 0.00203
Exploits: 0 | References: 3