116 matches found

Nuclei
added 6 days ago · 46 views

Cacti 1.2.24 - SQL Injection

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graphview.php. Since guest users can access graphview.php without authentication by default, if guest users are being utilized in an enabled state, there...

CVSS 9.8 · AI score 7.7 · EPSS 0.92278
Exploits: 2 · References: 5
NVD
added 2026/01/08 10:15 a.m. · 1 views

CVE-2025-12549

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in magentech Rozy - Flower Shop rozy allows PHP Local File Inclusion. This issue affects Rozy - Flower Shop: from n/a through <= 1.2.25...

CVSS 8.1 · EPSS 0.00066
Exploits: 0 · References: 1
CVE
added 2026/01/08 9:17 a.m. · 3 views

CVE-2025-12549

CVE-2025-12549 is a WordPress Rozy - Flower Shop theme vulnerability: an unauthenticated Local File Inclusion (LFI) in the Rozy package (the WordPress theme for Rozy - Flower Shop) affecting version ≤ 1.2.25. The connected Wordfence report confirms the Rozy vulnerability entry and lists it as Un...

CVSS 8.1 · AI score 6.8 · EPSS 0.00066
Exploits: 0 · References: 1
Vulnrichment
added 2026/01/08 9:17 a.m. · 1 views

CVE-2025-12549 WordPress Rozy - Flower Shop theme <= 1.2.25 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in magentech Rozy - Flower Shop rozy allows PHP Local File Inclusion. This issue affects Rozy - Flower Shop: from n/a through <= 1.2.25...

CVSS 8.1 · AI score 6.8 · EPSS 0.00066
Exploits: 0 · References: 1
CNNVD
added 2026/01/08 12:0 a.m. · 2 views

WordPress plugin Rozy - Flower Shop security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security vulnerabili...

CVSS 8.1 · AI score 6.4 · EPSS 0.00066
Exploits: 0 · References: 1
Patchstack
added 2026/01/07 12:27 p.m. · 2 views

WordPress Rozy - Flower Shop theme <= 1.2.25 - Local File Inclusion vulnerability

WordPress Rozy - Flower Shop theme <= 1.2.25 - Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Rozy - Flower Shop versions <= 1.2.25...

CVSS 9.8 · AI score 7.1 · EPSS 0.00066
Exploits: 0 · Affected Software: 1
EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2023-43090

Malicious code in bioql PyPI...

CVSS 6.3 · AI score 7.8 · EPSS 0.00194
Exploits: 1 · References: 6
EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2024-46383

Malicious code in bioql PyPI...

CVSS 7.6 · AI score 7.7 · EPSS 0.00124
Exploits: 1 · References: 2
CNNVD
added 2025/09/02 12:0 a.m. · 1 views

Fireshare security vulnerability

Fireshare is a media hosting software by the individual developer Shane Israel. A security vulnerability exists in Fireshare version 1.2.25, which stems from improper handling of the sort parameter and could lead to a time-based blind SQL injection attack...

CVSS 6.5 · AI score 7.5 · EPSS 0.00048
Exploits: 1 · References: 5
Tenable Nessus
added 2025/08/30 12:0 a.m. · 2 views

Linux Distros Unpatched Vulnerability : CVE-2023-50250

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. A reflection cross-site scripting vulnerability was discovered in version 1.2.25...

CVSS 6.1 · AI score 6.3 · EPSS 0.03596
Exploits: 1 · References: 2
Tenable Nessus
added 2025/08/30 12:0 a.m. · 2 views

Linux Distros Unpatched Vulnerability : CVE-2023-51448

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti provides an operational monitoring and fault management framework. Version 1.2.25 has a Blind SQL Injection SQLi vulnerability within the SNMP Notificatio...

CVSS 8.8 · AI score 7.3 · EPSS 0.32076
Exploits: 1 · References: 2
Tenable Nessus
added 2025/08/30 12:0 a.m. · 2 views

Linux Distros Unpatched Vulnerability : CVE-2023-39516

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability...

CVSS 6.1 · AI score 6.8 · EPSS 0.00324
Exploits: 1 · References: 2
Tenable Nessus
added 2025/08/27 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2023-39362

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, under certain conditions, an authenticated privileged user, can...

CVSS 7.2 · AI score 7.7 · EPSS 0.87228
Exploits: 6 · References: 2
Tenable Nessus
added 2025/08/27 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2023-39366

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability...

CVSS 6.1 · AI score 6.7 · EPSS 0.00414
Exploits: 1 · References: 2
Tenable Nessus
added 2025/08/27 12:0 a.m. · 3 views

Linux Distros Unpatched Vulnerability : CVE-2023-39510

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability...

CVSS 6.1 · AI score 6.8 · EPSS 0.00562
Exploits: 1 · References: 2
Tenable Nessus
added 2025/08/18 12:0 a.m. · 2 views

Linux Distros Unpatched Vulnerability : CVE-2023-39358

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. An authenticated SQL injection vulnerability was discovered which allows...

CVSS 8.8 · AI score 7.5 · EPSS 0.04722
Exploits: 1 · References: 2
Tenable Nessus
added 2025/03/05 12:0 a.m. · 6 views

Linux Distros Unpatched Vulnerability : CVE-2023-30534

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cacti is an open source operational monitoring and fault management framework. There are two instances of insecure deserialization in Cacti version 1.2.24. Whil...

CVSS 4.3 · AI score 6.9 · EPSS 0.5495
Exploits: 1 · References: 3
RedhatCVE
added 2025/02/05 6:22 a.m. · 3 views

CVE-2024-5126

An improper access control vulnerability exists in the lunary-ai/lunary repository, specifically within the versions.patch functionality for updating prompts. Affected versions include 1.2.2 up to but not including 1.2.25. The vulnerability allows unauthorized users to update prompt details due t...

CVSS 7.6 · AI score 6.3 · EPSS 0.00124
Exploits: 1
Positive Technologies
added 2025/01/29 12:0 a.m. · 1 views

PT-2025-2246 · WordPress · The Flexible Wishlist For Woocommerce

Name of the Vulnerable Software and Affected Versions: The Flexible Wishlist for WooCommerce – Ecommerce Wishlist & Save for later plugin for WordPress versions up to, and including, 1.2.25 Description: The issue is related to Stored Cross-Site Scripting via the wishlist name parameter due to...

CVSS 7.2 · AI score 8.2 · EPSS 0.00825
Exploits: 0 · References: 9
NVD
added 2024/06/06 7:16 p.m. · 13 views

CVE-2024-5128

An Insecure Direct Object Reference IDOR vulnerability was identified in lunary-ai/lunary, affecting versions up to and including 1.2.2. This vulnerability allows unauthorized users to view, update, or delete any datasetprompt or datasetpromptvariation within any dataset or project. The issue ste...

CVSS 9.4 · EPSS 0.00193
Exploits: 1 · References: 2