10 matches found

CNNVD
added 5 days ago · 3 views

Pencak Silat Digital Scoring SQL Injection Vulnerability

Pencak Silat Digital Scoring is a digital scoring system for martial arts competitions developed by Yudha Yogasara. Version 18.10 of Pencak Silat Digital Scoring contains an SQL injection vulnerability. This vulnerability arises from injecting malicious code through the idpartai parameter, which...

8.8 CVSS · 6.2 AI score · 0.00068 EPSS
Exploits 0 · References 4
OSV
added 2026/05/18 6:6 a.m. · 3 views

BIT-GITLAB-2025-12669 Improper Control of Generation of Code ('Code Injection') in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.11 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user to inject HTML and JavaScript into email notifications sent to other users due to improper input sanitizatio...

5.4 CVSS · 5.8 AI score · 0.0003 EPSS
Exploits 0 · References 4
EUVD
added 2026/05/14 5:36 a.m. · 5 views

EUVD-2026-30225

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.7 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to download private debugging symbols from inaccessible projects due to improper access control...

4.3 CVSS · 5.8 AI score · 0.00021 EPSS
Exploits 0 · References 3
Tenable Nessus
added 2026/05/14 12:0 a.m. · 5 views

GitLab 15.1 < 18.9.7 / 18.10 < 18.10.6 / 18.11 < 18.11.3 (CVE-2026-8144)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: Missing Authorization in GitLab CVE-2026-8144. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...

4.3 CVSS · 5.8 AI score · 0.00013 EPSS
Exploits 0 · References 4
OSV
added 2026/04/24 9:11 a.m. · 1 views

BIT-GITLAB-2026-5816 Improper Resolution of Path Equivalence in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.10 before 18.10.4 and 18.11 before 18.11.1 that could have allowed an unauthenticated user to execute arbitrary JavaScript in a user's browser session due to improper path validation under certain conditions...

8.1 CVSS · 5.9 AI score · 0.00018 EPSS
Exploits 0 · References 4
CVE
added 2026/04/22 4:4 p.m. · 4 views

CVE-2026-5816

CVE-2026-5816 affects GitLab CE/EE prior to 18.10.4 and prior to 18.11.1, with an issue in path validation that could allow an unauthenticated user to execute arbitrary JavaScript in a user’s browser session. GitLab has released patches in versions 18.10.4 and 18.11.1 to remediate this. The vulne...

8.1 CVSS · 6.1 AI score · 0.00018 EPSS
Exploits 0 · References 3 · Affected Software 1
Positive Technologies
added 2026/03/25 12:0 a.m. · 2 views

PT-2026-27992

Name of the Vulnerable Software and Affected Versions: GitLab EE versions 15.4 through 18.8.6; GitLab EE versions 18.9 through 18.9.2; GitLab EE versions 18.10 through 18.10.0. Description: An authenticated user could add email addresses to targeted user accounts due to improper sanitization of HTML...

7.7 CVSS · 5.9 AI score · 0.00085 EPSS
Exploits 0 · References 6
Positive Technologies
added 2024/02/08 12:0 a.m. · 1 views

PT-2024-20317 · Unknown · Zentao Community Edition +2

Name of the Vulnerable Software and Affected Versions: ZenTao Community Edition versions 18.10; ZenTao Biz versions 8.10; ZenTao Max versions 4.10. Description: An arbitrary file upload issue in the /upgrade/control.php endpoint allows attackers to execute arbitrary code by uploading a crafted .txt...

9.8 CVSS · 7.8 AI score · 0.00115 EPSS
Exploits 1 · References 5
Prion
added 2020/03/09 2:15 p.m. · 12 views

Code injection

In Mahara 18.10 before 18.10.5, 19.04 before 19.04.4, and 19.10 before 19.10.2, certain personal information is discoverable by inspecting network responses on the 'Edit access' screen when sharing portfolios...

4 CVSS · 6.4 AI score · 0.00274 EPSS
Exploits 0 · References 2 · Affected Software 1
CNVD
added 2018/12/17 12:0 a.m. · 2 views

Micro Focus Fortify Software Security Center Unauthorized Access Vulnerability (CNVD-2018-25729)

Micro Focus Fortify Software Security Center (SSC) is a suite of software lifecycle security management solutions from Micro Focus UK. The product includes centralized management of application security, automated auditing and risk management. An unauthorized access vulnerability exists in Micro...

6.5 CVSS · 7.1 AI score · 0.09675 EPSS
Exploits 4 · References 1