EUVD-2024-2702

Malicious code in bioql PyPI...

CVE-2025-11031

A flaw has been found in DataTables up to 1.10.13. The affected element is an unknown function of the file /examples/resources/examples.php. This manipulation of the argument src causes path traversal. It is possible to initiate the attack remotely. The exploit has been published and may be used...

DataTables 安全漏洞

DataTables is an open source time plugin for jQuery by SpryMedia Limited. A security vulnerability exists in DataTables version 1.10.13 and earlier, which stems from the incorrect manipulation of the parameter src in the file /examples/resources/examples.php, which could lead to a path traversal...

CVE-2024-13509

The WS Form LITE and PRO plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the url parameter in all versions up to, and including, 1.10.13 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

WordPress WS Form LITE plugin <= 1.10.13 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by Tim Coen in WordPress Plugin WS Form LITE versions = 1.10.13...

CVE-2024-13509

The WS Form LITE – Drag & Drop Contact Form Builder for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the url parameter in all versions up to, and including, 1.10.13 due to insufficient input sanitization and output escaping. This makes it possible for...

WordPress plugin WS Form LITE 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...

CVE-2024-45816 Storage bucket Directory Traversal in @backstage/plugin-techdocs-backend

Backstage is an open framework for building developer portals. When using the AWS S3 or GCS storage provider for TechDocs it is possible to access content in the entire storage bucket. This can leak contents of the bucket that are not intended to be accessible, as well as bypass permission checks...

PYSEC-2020-20

In Apache Airflow versions prior to 1.10.13, the Charts and Query View of the old Flask-admin based UI were vulnerable for SSRF attack...

PT-2020-15028 · Apache · Airflow

Name of the Vulnerable Software and Affected Versions: Airflow versions prior to 1.10.13 Description: The issue occurs when creating a user using the airflow CLI or when creating a Connection with a password field in Airflow, where the password gets logged in plain text in the Log table in Airflo...

SuSE 11.3 Security Update : wireshark (SAT Patch Number 10444)

Wireshark was updated to version 1.10.13 fixing bugs and security issues : The following security issues have been fixed. - The WCP dissector could crash. wnpa-sec-2015-07 CVE-2015-2188 bnc920696 - The pcapng file parser could crash. wnpa-sec-2015-08 CVE-2015-2189 bnc920697 - The TNEF dissector...