7 matches found
PT-2025-39461
Name of the Vulnerable Software and Affected Versions JeecgBoot versions up to 3.8.2 Description A flaw exists in JeecgBoot that allows for improper authorization. This is due to the manipulation of the ids argument within an unknown function of the /sys/tenant/deleteBatch file. The attack can be...
PT-2025-14092 · WordPress · Wp Realestate
Name of the Vulnerable Software and Affected Versions: WP RealEstate plugin versions up to, and including, 1.6.26 Description: The issue is related to insufficient role restrictions in the process register function, allowing unauthenticated attackers to register an account with the Administrator...
PT-2024-15192 · WordPress · Wpforms Pro
Name of the Vulnerable Software and Affected Versions: WPForms Pro versions up to, and including, 1.8.5.3 Description: The WPForms Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via form submission parameters due to insufficient input sanitization and output escaping. This...
PT-2023-15935 · WordPress · Adsanity
Name of the Vulnerable Software and Affected Versions: AdSanity plugin for WordPress versions up to, and including, 1.8.1 Description: The issue is related to missing file type validation in the ajax upload function, allowing authenticated attackers with Contributor+ level privileges to upload...
PT-2022-3000 · Adobe · Illustrator
Name of the Vulnerable Software and Affected Versions: Adobe Illustrator versions 26.0.2 and earlier and 25.4.5 and earlier Description: The issue is related to an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of...
PT-2019-16503 · Oracle +6 · Mysql Server +5
Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 8.0.16 and prior Description: The issue allows a high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks can result in the unauthorized ability to cause a hang o...
Golabi CMS RFI Vulnerability (Mar 2009) - Active Check
Golabi CMS is prone to a remote file include RFI vulnerability because it fails to sufficiently sanitize user-supplied data. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...