136 matches found
Motorola Device Manager code-related vulnerabilities
Motorola Device Manager is a computer-based device management tool developed by the American company Motorola. Version 2.4.5 of Motorola Device Manager contains a code vulnerability caused by an unquoted service path, which may allow for the execution of arbitrary code...
CVE-2025-69318
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Hossni Mubarak JobWP jobwp allows Stored XSS.This issue affects JobWP: from n/a through = 2.4.5...
CVE-2025-69318
CVE-2025-69318 concerns the WordPress plugin JobWP – Job Board, Job Listing, Career Page and Recruitment Plugin . The vulnerability is a Stored XSS caused by improper neutralization of input during web page generation. Affected versions are JobWP
PT-2026-4196
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Hossni Mubarak JobWP jobwp allows Stored XSS.This issue affects JobWP: from n/a through = 2.4.5...
📄 Magento Adobe Commerce 2.4.5-p7 Arbitrary File Read
Magento Adobe Commerce version 2.4.5-p7 suffers from an arbitrary file read vulnerability. ============================================================================================================================================= | Title : Magento Adobe Commerce 2.4.5-p7 arbitrary file read...
CVE-2025-65091 XWiki Full Calendar Macro vulnerable to SQL injection through Calendar.JSONService
XWiki Full Calendar Macro displays objects from the wiki on the calendar. Prior to version 2.4.5, users with the right to view the Calendar.JSONService page including guest users can exploit a SQL injection vulnerability by accessing database info or starting a DoS attack. This issue has been...
CVE-2024-2163
The Ninja Beaver Add-ons for Beaver Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 2.4.5 due to insufficient input sanitization and output escaping on user supplied attributes such as urls. This makes it...
WordPress Animation Addons for Elementor plugin <= 2.4.5 - Arbitrary Content Deletion vulnerability
Arbitrary Content Deletion vulnerability discovered by Denver Jackson in WordPress Plugin Animation Addons for Elementor versions = 2.4.5...
CVE-2025-67540 WordPress Animation Addons for Elementor plugin <= 2.4.5 - Arbitrary Content Deletion vulnerability
Missing Authorization vulnerability in Wealcoder Animation Addons for Elementor animation-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animation Addons for Elementor: from n/a through = 2.4.5...
CVE-2025-67540 WordPress Animation Addons for Elementor plugin <= 2.4.5 - Arbitrary Content Deletion vulnerability
Missing Authorization vulnerability in Wealcoder Animation Addons for Elementor animation-addons-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animation Addons for Elementor: from n/a through = 2.4.5...
EUVD-2024-29141
Malicious code in bioql PyPI...
EUVD-2025-19975
Malicious code in bioql PyPI...
EUVD-2023-40453
Malicious code in bioql PyPI...
EUVD-2022-29996
Malicious code in bioql PyPI...
EUVD-2025-10570
Malicious code in bioql PyPI...
EUVD-2022-29997
Malicious code in bioql PyPI...
EUVD-2025-19317
Malicious code in bioql PyPI...
CVE-2025-49559 Adobe Commerce | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)
Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could result in a security feature bypass. An attacker could leverage this...
Path Traversal
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Path Traversal resulting in a security feature bypass. An attacker could leverage this vulnerability to modify limited data. Remediation Upgrade magento/community-edition t...
Cross-Site Request Forgery (CSRF)
Overview magento/community-edition is a modern cloud eCommerce platform. Affected versions of this package are vulnerable to Cross-Site Request Forgery CSRF. A high-privileged attacker could trick a victim into executing unintended actions on a web application where the victim is authenticated,...