CVE-2026-4087

The Pre Party Resource Hints plugin for WordPress is vulnerable to SQL Injection via the 'hintids' parameter of the pprhupdatehints AJAX action in all versions up to, and including, 1.8.20. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...

WordPress Pre* Party Resource Hints plugin <= 1.8.20 - Authenticated (Subscriber+) SQL Injection via 'hint_ids' Parameter vulnerability

Authenticated Subscriber+ SQL Injection via 'hintids' Parameter vulnerability discovered by Chawabhon Netisingha JNX03 in WordPress Plugin Pre Party Resource Hints versions = 1.8.20...

EUVD-2026-14180

The Pre Party Resource Hints plugin for WordPress is vulnerable to SQL Injection via the 'hintids' parameter of the pprhupdatehints AJAX action in all versions up to, and including, 1.8.20. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...

CVE-2026-4087

CVE-2026-4087 affects the Pre* Party Resource Hints plugin for WordPress. The vulnerability is an SQL Injection via the hint_ids parameter in the pprh_update_hints AJAX action, present in all versions up to and including 1.8.20 . It results from insufficient escaping of user input and lack of pro...

CVE-2026-4087

The Pre Party Resource Hints plugin for WordPress is vulnerable to SQL Injection via the 'hintids' parameter of the pprhupdatehints AJAX action in all versions up to, and including, 1.8.20. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on t...

CVE-2024-33586

Missing Authorization vulnerability in Photo Gallery Team Photo Gallery by 10Web.This issue affects Photo Gallery by 10Web: from n/a through 1.8.20...

OESA-2024-2337 hdf5 security update

HDF5 is a data model, library, and file format for storing and managing data. It supports an unlimited variety of datatypes, and is designed for flexible and efficient I/O and for high volume and complex data. HDF5 is portable and is extensible, allowing applications to evolve in their use of HDF...

CVE-2024-33586

Missing Authorization vulnerability in Photo Gallery Team Photo Gallery by 10Web.This issue affects Photo Gallery by 10Web: from n/a through 1.8.20...

WordPress Photo Gallery by 10Web plugin <= 1.8.20 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Steven Julian Patchstack Alliance in WordPress Plugin Photo Gallery by 10Web versions = 1.8.20...

WordPress Photo Gallery by 10Web Plugin <= 1.8.20 is vulnerable to Broken Access Control

Software Photo Gallery by 10Web Type Plugin Vulnerable versions = 1.8.20 Fixed in 1.8.21 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-33586 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 9de61c674191 Credits Steven Julian Requir...

MyBB 跨站脚本漏洞

MyBB MyBulletinBoard is a free and web-based forum software developed by MyBB MYBB team using PHP and MySQL. The software is easy to use , support for multi-language , scalable and so on. A cross-site scripting vulnerability exists in MyBB version 1.8.20, which can be exploited by a remote attack...

MyBB 跨站脚本漏洞

MyBB MyBulletinBoard is a free and web-based forum software developed by MyBB MYBB team using PHP and MySQL. The software is easy to use, multi-language support, scalable and so on. A security vulnerability exists in MyBB, which stems from a cross-site scripting XSS vulnerability in version v1.8....

PT-2021-10278 · Mybb · Mybb

Name of the Vulnerable Software and Affected Versions: MyBB version 1.8.20 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the Description field in the Add New Forum page. This can be achieved by doing an authenticated POST HTTP request to...

MyBB Cross-Site Scripting Vulnerability (CNVD-2021-25714)

MyBB MyBulletinBoard is the MyBB team developed a set of PHP and MySQL development of free and Web-based forum software. The software is easy to use , support for multiple languages , scalable and so on.ModCP Profile Editor is used in one of the ModCP configuration editor . The ModCP Profile Edit...

CVE-2018-19201

A reflected XSS vulnerability in the ModCP Profile Editor in MyBB before 1.8.20 allows remote attackers to inject JavaScript via the 'username' parameter...

PT-2018-13569 · Hdf +2 · Hdf5 +2

Name of the Vulnerable Software and Affected Versions: HDF5 version 1.8.20 Description: An issue was discovered in the HDF5 library, where there is an out of bounds read in the H5L extern query function at H5Lexternal.c. Recommendations: For version 1.8.20, consider updating to a newer version th...

UBUNTU-CVE-2018-14034

An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5Oplinereset in H5Opline.c...

PT-2018-12287 · Hdf +2 · Hdf5 +2

Name of the Vulnerable Software and Affected Versions: HDF5 version 1.8.20 Description: A heap-based buffer over-read issue was found in the H5T copy function in H5T.c. Recommendations: For version 1.8.20, consider applying a patch or fix to resolve the issue in the H5T copy function...

UBUNTU-CVE-2018-13872

An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer overflow in the function H5Gentdecode in H5Gent.c...

UBUNTU-CVE-2018-13868

An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5Ofillolddecode in H5Ofill.c...