CVE-2025-68034

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CleverReach® CleverReach® WP cleverreach-wp allows SQL Injection.This issue affects CleverReach® WP: from n/a through = 1.5.21...

CVE-2025-68034 WordPress CleverReach® WP plugin <= 1.5.21 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CleverReach® CleverReach® WP cleverreach-wp allows SQL Injection.This issue affects CleverReach® WP: from n/a through = 1.5.21...

CVE-2025-68034

CVE-2025-68034 affects the CleverReach® WP WordPress plugin up to version 1.5.22. The root cause is Improper Neutralization of Special Elements in SQL Commands, enabling SQL Injection. Impact is high confidentiality risk (CVE notes HIGH) with potential data exposure/modification; exploitation is ...

WordPress plugin CleverReach has a SQL injection vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-4066

Name of the Vulnerable Software and Affected Versions CleverReach® WP versions through 1.5.22 Description A flaw exists in CleverReach® WP that allows for SQL Injection. This issue is due to improper neutralization of special elements used in an SQL command. The vulnerability could potentially...

WordPress CleverReach® WP plugin <= 1.5.21 - SQL Injection vulnerability

SQL Injection vulnerability discovered by 0xd4rk5id3 in WordPress Plugin CleverReach® WP versions = 1.5.21...

EUVD-2023-49924

Malicious code in bioql PyPI...

CVE-2023-48320

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebDorado SpiderVPlayer allows Stored XSS.This issue affects SpiderVPlayer: from n/a through 1.5.22...

PT-2025-1927 · WordPress · The Picture Gallery – Frontend Image Uploads

Name of the Vulnerable Software and Affected Versions: The Picture Gallery – Frontend Image Uploads, AJAX Photo List plugin for WordPress versions up to, and including, 1.5.22 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escapi...

WordPress Picture Gallery plugin <= 1.5.22 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by SOPROBRO in WordPress Plugin Picture Gallery versions = 1.5.22...

TP-LINK IoT Smart Hub 安全漏洞

TP-LINK IoT Smart Hub is a series of smart hubs from China's Universal Link TP-LINK. A security vulnerability exists in TP-LINK IoT Smart Hub versions prior to 1.5.22, which originates from storing Wi-Fi credentials in plaintext within the device's firmware, which allows an attacker to extract th...

matio: Multiple Vulnerabilities

Background matio is a library for reading and writing matlab files. Description Multiple vulnerabilities have been discovered in matio. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

CVE-2024-0301

A vulnerability classified as critical was found in fhs-opensource iparking 1.5.22.RELEASE. This vulnerability affects the function getData of the file src/main/java/com/xhb/pay/action/PayTempOrderAction.java. The manipulation leads to sql injection. The attack can be initiated remotely. The...

CVE-2023-48320

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WebDorado SpiderVPlayer allows Stored XSS.This issue affects SpiderVPlayer: from n/a through 1.5.22...

CVE-2023-45632

Unauth. Reflected Cross-Site Scripting XSS vulnerability in WebDorado SpiderVPlayer plugin = 1.5.22 versions...

WordPress Plugin Page Builder：Live Composer 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin Page...

Joomla! Spam Mail Relay Vulnerability

No description provided by source. Exploit Title: Joomla! Spam Mail Relay Date: 11 Jan 2011 Author: Jeff Channell Software Link: http://www.joomla.org/ Versions: 1.5.22, 1.6.0 Joomla! 1.5.22 & 1.6.0 both allow spam email to be relayed to unsuspecting victims via the core commailto component. Test...

klibc 1.5.2 - DHCP Options Processing Remote Shell Command Execution

source: https://www.securityfocus.com/bid/47924/info klibc is prone to a shell-command-execution vulnerability because the application fails to properly sanitize user-supplied input. An attacker can exploit this issue to execute arbitrary shell commands in the context of the application that uses...

Joomla! 1.5.x - SQL Error Information Disclosure

source: https://www.securityfocus.com/bid/44674/info Joomla! is prone to an information-disclosure vulnerability due to an SQL error. Exploiting this issue can allow attackers to gain access to sensitive information contained in the application's database. Successful exploits may lead to other...