9 matches found
CVE-2026-57739
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AcyMailing Newsletter Team AcyMailing SMTP Newsletter acymailing allows Blind SQL Injection.This issue affects AcyMailing SMTP Newsletter: from n/a through = 10.11.0...
CVE-2026-57741
CVE-2026-57741 is a stored XSS vulnerability in the WordPress plugin “AcyMailing SMTP Newsletter” (AcyMailing) up to version 10.11.0. Affected component is the plugin’s web-facing input handling that allows improper neutralization of input during web page generation. The issue permits stored cros...
CVE-2026-57739 WordPress AcyMailing SMTP Newsletter plugin <= 10.11.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AcyMailing Newsletter Team AcyMailing SMTP Newsletter acymailing allows Blind SQL Injection.This issue affects AcyMailing SMTP Newsletter: from n/a through = 10.11.0...
CVE-2026-57739
CVE-2026-57739 affects the WordPress WordPress Plugin AcyMailing SMTP Newsletter (versions up to and including 10.11.0). The vulnerability is an SQL Injection caused by improper neutralization of special elements in an SQL command, allowing blind SQL injection. According to the provided metrics, ...
CVE-2024-34708
Directus is a real-time API and App dashboard for managing SQL database content. A user with permission to view any collection using redacted hashed fields can get access the raw stored version using the alias functionality on the API. Normally, these redacted fields will return however if we...
EUVD-2024-1618
Malicious code in bioql PyPI...
Malicious code in commonweb-setup (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 0c019e3086bf1cec9b859c8fe048187fc7cf6dc866de93fbd0ff2182b3e4fc0a The OpenSSF Package Analysis project identified 'commonweb-setup' @ 10.11.0 npm as malicious. It is considered malicious because: - The package...
MAL-2025-6872 Malicious code in search-result (npm)
--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis 6ddb1c5d5505a20da7fa64201ed64cc4b487447debb5dfac4a7d1398b93bcb1a The OpenSSF Package Analysis project identified 'search-result' @ 10.11.0 npm as malicious. It is considered malicious because: - The package...
PT-2024-26123 · Directus · Directus
Name of the Vulnerable Software and Affected Versions: Directus versions prior to 10.11.0 Description: The issue concerns session tokens that do not get properly invalidated when a user logs out. Specifically, the directus session is destroyed, and the cookie is deleted, but if the cookie value i...