
13 matches found

OSV
added 2026/05/06 1:16 p.m., 3 views

UBUNTU-CVE-2026-5081

Apache::Session::Generate::ModUniqueId versions from 1.54 through 1.94 for Perl session ids are insecure. Apache::Session::Generate::ModUniqueId added in version 1.54 uses the value of the UNIQUE_ID environment variable for the session id. The UNIQUE_ID variable is set by the Apache mod_unique_id...

CVSS 9.1, AI score 5.8, EPSS 0.00038
Exploits: 0, References: 3
RedhatCVE
added 2026/03/09 8:1 a.m., 1 views

CVE-2026-27797

Homarr is an open-source dashboard. Prior to version 1.54.0, an unauthenticated Server-Side Request Forgery (SSRF) vulnerability allows a remote attacker to force the Homarr server to perform arbitrary outbound HTTP requests. This can be used as an internal network access primitive, e.g., reaching...

CVSS 5.3, AI score 5.8, EPSS 0.00022
Exploits: 1, References: 1
RedhatCVE
added 2026/01/24 9:15 a.m., 2 views

CVE-2025-14069

The Schema & Structured Data for WP & AMP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'saswpcustomschemafield' profile field in all versions up to, and including, 1.54 due to insufficient input sanitization and output escaping. This makes it possible for authenticate...

CVSS 6.4, AI score 5.8, EPSS 0.00017
Exploits: 0, References: 1
CVE
added 2025/11/20 3:43 p.m., 7 views

CVE-2025-62293

SOPlanning is affected by Broken Access Control in the /status endpoint due to missing permission checks in Project Status functionality. An authenticated attacker can add, edit, or delete statuses. A fix is available in version 1.55. The CVE-entry is supported by Red Hat and EU vulnerability ref...

CVSS 5.4, AI score 6, EPSS 0.00034
Exploits: 0, References: 2, Affected Software: 1
Cvelist
added 2025/11/20 3:43 p.m., 6 views

CVE-2025-62293 Broken Access Control in SOPlanning

SOPlanning is vulnerable to Broken Access Control in /status endpoint. Due to lack of permission checks in Project Status functionality an authenticated attacker is able to add, edit and delete any status. This issue was fixed in version 1.55...

CVSS 5.3, EPSS 0.00034
Exploits: 0, References: 2
CVE
added 2025/11/06 3:55 p.m., 3 views

CVE-2025-62010

CVE-2025-62010 describes an improper control of the filename used in PHP include/require statements in the WordPress Famita theme (Famita,

CVSS 8.1, AI score 6.7, EPSS 0.00124
Exploits: 0, References: 1
Cvelist
added 2025/11/06 3:55 p.m., 3 views

CVE-2025-62010 WordPress Famita theme <= 1.54 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ApusTheme Famita famita allows PHP Local File Inclusion. This issue affects Famita: from n/a through <= 1.54...

CVSS 8.1, EPSS 0.00124
Exploits: 0, References: 1
Positive Technologies
added 2025/11/06 12:0 a.m., 2 views

PT-2025-45289

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ApusTheme Famita famita allows PHP Local File Inclusion. This issue affects Famita: from n/a through <= 1.54...

CVSS 8.1, AI score 7.1, EPSS 0.00124
Exploits: 0, References: 2
Patchstack
added 2025/08/30 1:27 p.m., 2 views

WordPress Famita theme <= 1.54 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Famita versions <= 1.54...

CVSS 8.1, AI score 7.1, EPSS 0.00124
Exploits: 0, Affected Software: 1
CNNVD
added 2023/09/20 12:0 a.m., 1 views

Omron Sysmac Studio Security Vulnerability

Omron Sysmac Studio is a unique environment from Omron Japan that integrates logic, motion and drives, robotics, safety, visualization, sensing, and information technology into a single project, thereby reducing the learning curve and the cost of intraoperative software. A security vulnerability...

CVSS 7.8, AI score 7.3, EPSS 0.00027
Exploits: 0, References: 5
CNVD
added 2019/09/03 12:0 a.m., 1 views

LibreNMS Cross-Site Scripting Vulnerability

LibreNMS is an open source network monitoring system based on PHP and MySQL. The system features customizable alerts, auto-discovery of the network environment and automatic updates. A cross-site scripting vulnerability exists in the Create User Inventory Add Device Notifications Alert Rule...

CVSS 5.4, AI score 6.5, EPSS 0.00039
Exploits: 1, References: 1
Packet Storm
added 2005/06/23 12:0 a.m., 20 views

clarolineVulns.txt

Zone-H Research Center Security Advisory 200501 http://fr.zone-h.org Date of release: 27/04/2005 Software: Claroline...

AI score 7.4
Exploits: 0
securityvulns
added 2005/04/28 12:0 a.m., 22 views

ZRCSA-200501 - Multiple vulnerabilities in Claroline

Zone-H Research Center Security Advisory 200501 http://fr.zone-h.org Date of release: 27/04/2005 Software: Claroline www.claroline.net Affected versions: 1.5.3 1.6 beta 1.6 Release Candidate 1 probably previous versions too Risk: High Discovered by: Kevin Fernandez "Siegfried" Mehdi Oudad...

Exploits: 0