EUVD-2026-31190

Yii 2 is a PHP application framework. Versions 2.0.54 and prior contain flawed logic in the core view rendering method View::renderPhpFile that leads to Local File Inclusion. The function calls extract$params, EXTROVERWRITE before the require statement that loads the view file. As a result, a...

WordPress Related Post Plugin <= 2.0.53 is vulnerable to Cross Site Scripting (XSS)

Software Related Post Type Plugin Vulnerable versions = 2.0.53 Fixed in 2.0.54 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-51666 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3b0bef244c2c Credits Khalid Yusuf Required privilege...

Ultimate Member Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Ultimate Member plugin is one of the plugins used to create member sites or online communities. A cross-site scripting vulnerability...

security flaw

The byte-range filter in Apache 2.0 before 2.0.54 allows remote attackers to cause a denial of service memory consumption via an HTTP header with a large Range field...

PT-2005-3030 · Apache +2 · Apache Http Server +2

Name of the Vulnerable Software and Affected Versions: Apache HTTP server versions 1.3.x through 1.3.33 Apache HTTP server versions 2.0.x through 2.0.54 Description: A flaw occurs when using the Apache server as an HTTP proxy. A remote attacker could send an HTTP request with both a...