PT-2026-4135

Name of the Vulnerable Software and Affected Versions magentech MaxShop versions through 3.6.20 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local...

MiracleLinux 4 : sqlite-3.6.20-1.el6_7.2 (AXSA:2015-444:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2015-444:01 advisory. SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The A...

CVE-2023-53983

Anevia Flamingo XL/XS 3.6.20 contains a critical vulnerability with weak default administrative credentials that can be easily guessed. Attackers can leverage these hard-coded credentials to gain full remote system control without complex authentication mechanisms...

CVE-2023-53983 Anevia Flamingo XL/XS 3.6.20 Default Credentials Authentication Bypass

Anevia Flamingo XL/XS 3.6.20 contains a critical vulnerability with weak default administrative credentials that can be easily guessed. Attackers can leverage these hard-coded credentials to gain full remote system control without complex authentication mechanisms...

CVE-2023-53983 Anevia Flamingo XL/XS 3.6.20 Default Credentials Authentication Bypass

Anevia Flamingo XL/XS 3.6.20 contains a critical vulnerability with weak default administrative credentials that can be easily guessed. Attackers can leverage these hard-coded credentials to gain full remote system control without complex authentication mechanisms...

CVE-2025-59575

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Stylemix MasterStudy LMS masterstudy-lms-learning-management-system allows Retrieve Embedded Sensitive Data.This issue affects MasterStudy LMS: from n/a through = 3.6.20...

CVE-2025-59575 WordPress MasterStudy LMS plugin <= 3.6.20 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Stylemix MasterStudy LMS masterstudy-lms-learning-management-system allows Retrieve Embedded Sensitive Data.This issue affects MasterStudy LMS: from n/a through = 3.6.20...

WordPress plugin MasterStudy LMS 安全漏洞

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin MasterStudy LMS, which...

EUVD-2025-8810

Malicious code in bioql PyPI...

CVE-2025-59576

Missing Authorization vulnerability in Stylemix MasterStudy LMS masterstudy-lms-learning-management-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MasterStudy LMS: from n/a through = 3.6.20...

CVE-2025-59577

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Stylemix MasterStudy LMS masterstudy-lms-learning-management-system allows Leveraging Race Conditions.This issue affects MasterStudy LMS: from n/a through = 3.6.20...

CVE-2025-59576

Public details for CVE-2025-59576 are not provided in the connected documents. The initial document mentions a Missing Authorization issue in MasterStudy LMS

CVE-2025-59577 WordPress MasterStudy LMS Plugin <= 3.6.20 - Race Condition Vulnerability

Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in Stylemix MasterStudy LMS masterstudy-lms-learning-management-system allows Leveraging Race Conditions.This issue affects MasterStudy LMS: from n/a through = 3.6.20...

WordPress plugin MasterStudy LMS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

WordPress plugin MasterStudy LMS 竞争条件问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A competitive...

PT-2025-39049

Name of the Vulnerable Software and Affected Versions MasterStudy LMS versions through 3.6.20 Description An authorization issue exists in Stylemix MasterStudy LMS, allowing exploitation of incorrectly configured access control security levels. Recommendations Update MasterStudy LMS to a version...

CVE-2025-27009

Cross-Site Request Forgery CSRF vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Stored XSS.This issue affects My auctions allegro: from n/a through = 3.6.33...

CVE-2025-27009

Cross-Site Request Forgery CSRF vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Stored XSS.This issue affects My auctions allegro: from n/a through = 3.6.33...

CVE-2025-31542 WordPress My auctions allegro plugin <= 3.6.20 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Blind SQL Injection.This issue affects My auctions allegro: from n/a through = 3.6.20...

CVE-2025-31542 WordPress My auctions allegro plugin <= 3.6.20 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in wphocus My auctions allegro my-auctions-allegro-free-edition allows Blind SQL Injection.This issue affects My auctions allegro: from n/a through = 3.6.20...