CVE-2025-13126 wpForo Forum <= 2.4.12 - Unauthenticated SQL Injection

The wpForo Forum plugin for WordPress is vulnerable to generic SQL Injection via the postargs and topicargs parameters in all versions up to, and including, 2.4.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes ...

PT-2025-51145

Name of the Vulnerable Software and Affected Versions wpForo Forum plugin for WordPress versions prior to 2.4.13 Description The wpForo Forum plugin for WordPress is susceptible to SQL Injection. Insufficient input sanitization on user-supplied parameters and inadequate SQL query preparation allo...

EulerOS 2.0 SP12 : cups (EulerOS-SA-2025-2319)

According to the versions of the cups package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the AuthTyp...

ALPINE-CVE-2025-58364

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, an unsafe deserialization and validation of printer attributes causes null dereference in the libcups library. This is a remote DoS vulnerability available in local...

CVE-2025-58060

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the AuthType is set to anything but Basic, if the request contains an Authorization: Basic ... header, the password is not checked. This results in...

PT-2025-37253

Name of the Vulnerable Software and Affected Versions: CUPS versions 2.4.12 and earlier Description: CUPS Common Unix Printing System is an open-source printing system for Linux and Unix-like operating systems. Versions 2.4.12 and earlier are susceptible to a remote denial of service due to unsaf...

Malicious code in x91yz (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis e4cfb5ebf38924c80a8ac2ab612e4c663039edbec7a6ace7cd55d290f84ca3ce The OpenSSF Package Analysis project identified 'x91yz' @ 2.4.12 npm as malicious. It is considered malicious because: - The package executes on...

PT-2024-25121 · WordPress · Easy Custom Auto Excerpt

Name of the Vulnerable Software and Affected Versions: Easy Custom Auto Excerpt plugin for WordPress versions up to, and including, 2.4.12 Description: The issue allows unauthenticated attackers to obtain excerpts of password-protected posts, potentially exposing sensitive information...

Argo CD 安全漏洞

Argo is an open source container native workflow engine. A security vulnerability exists in Argo CD version 2.4.12 and earlier. An attacker exploited the vulnerability to enumerate application names...

Apache HTTP Server Multiple Vulnerabilities (Sep 2014) - Linux

Apache HTTP Server is prone to multiple vulnerabilities. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

PT-2021-14788 · Advantech · Advantech R-Seenet

Name of the Vulnerable Software and Affected Versions: Advantech R-SeeNet version 2.4.12 Description: An OS Command Injection issue exists in the ping.php script functionality. A specially crafted HTTP request can lead to arbitrary OS command execution. An attacker can send a crafted HTTP request...

Advantech R-SeeNet 跨站脚本漏洞

Advantech R-SeeNet is an industrial monitoring software from Advantech Taiwan, China. The software is based on the snmp protocol for monitoring platforms and is available for Linux and Windows platforms.Advantech R-SeeNet telnetform.php in v2.4.12 contains a cross-site scripting vulnerability tha...

Wireshark Security Updates (wnpa-sec-2019-06, wnpa-sec-2019-07, wnpa-sec-2019-08) - Mac OS X

Wireshark is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"; ifdescripti...

openSUSE Security Update : wireshark (openSUSE-2019-92)

This update for wireshark to version 2.4.12 fixes the following issues : Security issues fixed : - CVE-2019-5717: Fixed a denial of service in the PMUL dissector bsc1121232 - CVE-2019-5718: Fixed a denial of service in the RTSE dissector and other dissectors bsc1121233 - CVE-2019-5719: Fixed a...

Security update for wireshark (moderate)

openSUSE Security Update: Security update for wireshark Announcement ID: openSUSE-SU-2019:0092-1 Rating: moderate References: 1121232 1121233 1121234 1121235 Cross-References: CVE-2019-5717 CVE-2019-5718 CVE-2019-5719 CVE-2019-5721 Affected Products: openSUSE Leap 15.0 An update that fixes four...

SUSE SLED12 / SLES12 Security Update : wireshark (SUSE-SU-2019:0138-1)

This update for wireshark to version 2.4.12 fixes the following issues : Security issues fixed : CVE-2019-5717: Fixed a denial of service in the PMUL dissector bsc1121232 CVE-2019-5718: Fixed a denial of service in the RTSE dissector and other dissectors bsc1121233 CVE-2019-5719: Fixed a denial o...

Wireshark Security Updates (wnpa-sec-2019-02, wnpa-sec-2019-03, wnpa-sec-2019-04) - Mac OS X

Wireshark is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"; ifdescripti...

Wireshark Security Updates (wnpa-sec-2019-05) - Windows

Wireshark is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wireshark:wireshark"...

my little forum Cross-Site Request Forgery Vulnerability

my little forum is a set of Internet forum applications based on PHP and MySQL. The application uses a traditional tree view to display information and supports image uploading, template engine, BB code and emoticons. A cross-site request forgery vulnerability exists in my little forum version...

PT-2018-13094 · My Little Forum · My Little Forum

Name of the Vulnerable Software and Affected Versions: my little forum version 2.4.12 Description: The issue allows for Cross-Site Request Forgery CSRF attacks, which can lead to the deletion of users. Recommendations: For my little forum version 2.4.12, update to a newer version that contains a...