CVE-2025-64650 IBM Storage Defender - Resiliency Service Information Disclosure

IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.18 could disclose sensitive user credentials in log files...

EUVD-2025-8400

Malicious code in bioql PyPI...

CVE-2024-56268

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hookandhook Post Grid Elementor Addon post-grid-elementor-addon.This issue affects Post Grid Elementor Addon: from n/a through = 2.0.18...

CVE-2025-30768

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mlaza jAlbum Bridge jalbum-bridge allows Stored XSS.This issue affects jAlbum Bridge: from n/a through = 2.0.18...

CVE-2025-30768 WordPress jAlbum Bridge plugin <= 2.0.18 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mlaza jAlbum Bridge jalbum-bridge allows Stored XSS.This issue affects jAlbum Bridge: from n/a through = 2.0.18...

WordPress jAlbum Bridge plugin <= 2.0.18 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin jAlbum Bridge versions = 2.0.18...

CVE-2024-56268

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in hookandhook Post Grid Elementor Addon post-grid-elementor-addon.This issue affects Post Grid Elementor Addon: from n/a through = 2.0.18...

WordPress plugin Post Grid Elementor Addon 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

CVE-2024-50502

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in CozyThemes Cozy Blocks allows Stored XSS.This issue affects Cozy Blocks: from n/a through 2.0.18...

WordPress plugin Cozy Blocks 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2024-10972 · Openeuler · Openeuler Isulad

Name of the Vulnerable Software and Affected Versions: openEuler iSulad version 2.0.18-13 openEuler iSulad versions 2.1.4-1 through 2.1.4-2 Description: The issue is a Time-of-check Time-of-use TOCTOU Race Condition vulnerability in openEuler iSulad on Linux, allowing the leveraging of...

iSulad 安全漏洞

iSulad is a lightweight container engine open-sourced by src-openEuler. A security vulnerability exists in iSulad version 2.0.18-13 version 2.1.4-1 and version 2.1.4-2, which stems from the presence of a race condition issue...

Design/Logic Flaw

lestrrat-go/jwx is a Go module implementing various JWx JWA/JWE/JWK/JWS/JWT, otherwise known as JOSE technologies. A p2c parameter set too high in JWE's algorithm PBES2- could lead to a denial of service. The JWE key management algorithms based on PBKDF2 require a JOSE Header Parameter called p2c...

GHSA-223G-8W3X-98WR Snowflake Connector .Net Command Injection

Issue Snowflake was informed via our bug bounty program of a command injection vulnerability in the Snowflake .NET driver via SSO URL authentication. Impacted driver package: snowflake-connector-net Impacted version range: before Version 2.0.18 Attack Scenario In order to exploit the potential fo...

CVE-2023-24402 WordPress WP Booking System Plugin <= 2.0.18 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Cross-Site Scripting XSS vulnerability in Veribo, Roland Murg WP Booking System – Booking Calendar plugin = 2.0.18 versions...

Jticketing, 2.0.16, SQL Injection

Jticketing by techjoomla.com, versions 2.0.16 and previous, SQL Injection resolution: update to 2.0.18 update notice: https://techjoomla.com/blog/jgive/release-updates-for-jticketing-jboloand-invitex...

Zabbix Arbitrary Code Execution Vulnerability (CVE-2016-4338)

Zabbix is prone to an arbitrary code execution vulnerability. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

CVE-2015-7682: Multiple Blind SQL Injections in Pie Register WordPress Plugin

Details ================ Software: Pie Register Version: 2.0.18 Homepage: https://github.com/GTSolutions/Pie-Register CVE: CVE-2015-7682 Pending CVSS: 3.5 Low; AV:N/AC:M/Au:S/C:P/I:N/A:N CWE: CWE-89 Description ================ Two blind SQL injection vulnerabilities in Pie Register 2.0.18 allow...

CVE-2012-4331

Multiple unspecified vulnerabilities in SPIP before 1.9.2.o, 2.0.x before 2.0.18, and 2.1.x before 2.1.13 have unknown impact and attack vectors that are not related to cross-site scripting XSS, different vulnerabilities than CVE-2012-2151...

HT Editor Spawning Root Shell

Exploit for linux platform in category remote exploits !/usr/bin/python Exploit Title: HT Editor Spawning Root Shell Date: 29-Mar-2012 Author: blusp10it Version: 2.0.18 Download: http://sourceforge.net/projects/hte/files/ht-source/ht-2.0.18.tar.gz Tested on: BackTrack 4 R2, Ubuntu 10.04 Run with:...