18 matches found
CVE-2026-34372
Sulu is an open-source PHP content management system based on the Symfony framework. From versions 1.0.0 to before 2.6.22, and 3.0.0 to before 3.0.5, a user who has permission for the Sulu Admin via at least one role could have access to the sub-entities of contacts via the admin API without ev...
CVE-2026-34372
The CVE refers to a permission-check issue in Sulu’s Admin API where a user with at least one Admin role could access subentities (e.g., contacts) via the Admin API without having explicit permission for those contacts. This was fixed in Sulu releases 2.6.22 and 3.0.5. A Symfony Request Listener ...
CVE-2026-34372 Sulu checks fix permissions for subentities endpoints
Sulu is an open-source PHP content management system based on the Symfony framework. From versions 1.0.0 to before 2.6.22, and 3.0.0 to before 3.0.5, a user who has permission for the Sulu Admin via at least one role could have access to the sub-entities of contacts via the admin API without ev...
EUVD-2025-8471
Malicious code in bioql PyPI...
CVE-2025-2541
The WP Project Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.6.22 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and...
WordPress plugin WP Project Manager Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
CVE-2025-3100
The WP Project Manager – Task, team, and project management plugin featuring kanban board and gantt charts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.6.22 due to insufficient input sanitization and output escaping...
WordPress plugin WP Project Manager Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
WordPress plugin WP Project Manager Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forger...
CVE-2025-22649
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in weDevs WP Project Manager wedevs-project-manager allows Stored XSS. This issue affects WP Project Manager: from n/a through 2.6.22...
WordPress plugin WP Project Manager Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
PT-2023-35111 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.93 Description: The issue concerns checking font dimension limits. It was introduced in version v2.6.22 and fixed in version v5.15.93. The actual impact and attack plausibility have not yet been proven...
GSD-2023-1000875 usb: rndis_host: Secure rndis_query check against int overflow
usb: rndis_host: Secure rndis_query check against int overflow. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.87 by commit...
Linux Kernel 2.6.22 < 3.9 - Dirty COW /proc/self/mem Race Condition Privilege Escalation (/etc/pa
Exploit for linux platform in category local exploits // EDB-Note: Compile: g++ -Wall -pedantic -O2 -std=c++11 -pthread -o dcow 40847.cpp -lutil // EDB-Note: Recommended way to run: ./dcow -s Will automatically do "echo 0 /proc/sys/vm/dirtywritebackcentisecs" // //...
Linux Kernel < 2.6.22 ftruncate()/open() Local Exploit
No description provided by source. / gw-ftrex.c: Linux kernel 2.6.22 open/ftruncate local exploit by gat3way at gat3way dot eu bug information: http://osvdb.org/49081 !!!This is for educational purposes only!!! To use it, you've got to find a sgid directory you've got permissions to write into...
StrongSwan/Openswan Denial Of Service Vulnerability June-09
The host is installed with strongSwan/Openswan and is prone to Denial of Service vulnerability. OpenVAS Vulnerability Test $Id: secpodstrongswannopenswandosvulnjun09.nasl 6515 2017-07-04 11:54:15Z cfischer $ StrongSwan/Openswan Denial Of Service Vulnerability June-09 Authors: Sharath S Copyright:...
Security fix for the ALT Linux 6 package smarty version 2.6.22-alt1
Jan. 27, 2009 Vladimir V Kamarzin 2.6.22-alt1 - Updated to 2.6.22. Security fixes: + CVE-2008-4810 + CVE-2008-4811...