50 matches found

RedhatCVE
added last week, 5 views

CVE-2026-44371

Open OnDemand is an open-source high-performance computing portal. Prior to 4.0.11, 4.1.5, and 4.2.2, specially crafted filenames can execute JavaScript in the file browser. This vulnerability is fixed in 4.0.11, 4.1.5, and 4.2.2...

CVSS 5.3 | AI score 5.5 | EPSS 0.00062
Exploits: 0 | References: 1
ATTACKERKB
added 2026/05/14 3:2 p.m., 5 views

CVE-2026-44371

Open OnDemand is an open-source high-performance computing portal. Prior to 4.0.11, 4.1.5, and 4.2.2, specially crafted filenames can execute JavaScript in the file browser. This vulnerability is fixed in 4.0.11, 4.1.5, and 4.2.2...

CVSS 5.3 | AI score 5.9 | EPSS 0.00062
Exploits: 0 | References: 2 | Affected Software: 1
Positive Technologies
added 2026/05/14 12:0 a.m., 7 views

PT-2026-40947

Open OnDemand is an open-source high-performance computing portal. Prior to 4.0.11, 4.1.5, and 4.2.2, specially crafted filenames can execute JavaScript in the file browser. This vulnerability is fixed in 4.0.11, 4.1.5, and 4.2.2...

CVSS 5.3 | AI score 5.9 | EPSS 0.00062
Exploits: 0 | References: 2
RedhatCVE
added 2026/02/25 10:18 p.m., 5 views

CVE-2026-27117

bit7z is a cross-platform C++ static library that allows the compression/extraction of archive files. Prior to version 4.0.11, a path traversal vulnerability "Zip Slip" exists in bit7z's archive extraction functionality. The library does not adequately validate file paths contained in archive...

CVSS 7.5 | AI score 5.8 | EPSS 0.00064
Exploits: 1 | References: 1
Positive Technologies
added 2026/02/24 12:0 a.m., 5 views

PT-2026-21808

Name of the Vulnerable Software and Affected Versions: bit7z versions prior to 4.0.11. Description: bit7z is a cross-platform C++ static library used for archive compression and extraction. A path traversal flaw "Zip Slip" exists in the archive extraction functionality prior to version 4.0.11. The...

CVSS 7.5 | AI score 5.5 | EPSS 0.00064
Exploits: 1 | References: 9
CNNVD
added 2026/02/24 12:0 a.m., 4 views

bit7z Security Vulnerability

bit7z is a file compression/decompression tool developed by Riccardo as an individual project. Versions of bit7z prior to 4.0.11 contained security vulnerabilities; these vulnerabilities stemmed from insufficient validation of file paths during archive extraction, which could lead to arbitrary fi...

CVSS 7.5 | AI score 5.9 | EPSS 0.00064
Exploits: 1 | References: 4
CVE
added 2025/12/31 4:8 p.m., 3 views

CVE-2025-63040

CVE-2025-63040 describes a CSRF vulnerability in the WordPress plugin Post Snippets (post-snippets) that affects versions from n/a up to and including 4.0.11. The issue is attributed to Cross-Site Request Forgery in the plugin, potentially enabling unauthorized actions on behalf of an authenticat...

CVSS 4.3 | AI score 5.9 | EPSS 0.00017
Exploits: 0 | References: 1
CNNVD
added 2025/12/31 12:0 a.m., 3 views

WordPress plugin Post Snippets Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform can host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A cross-site request...

CVSS 4.3 | AI score 6.5 | EPSS 0.00017
Exploits: 0 | References: 1
RedhatCVE
added 2025/10/25 12:43 a.m., 3 views

CVE-2025-60729

PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the validThemeFilePath function...

CVSS 5.3 | AI score 7 | EPSS 0.00052
Exploits: 1 | References: 1
CNNVD
added 2025/10/25 12:0 a.m., 2 views

PerfreeBlog Security Vulnerability

PerfreeBlog is an open-source, Java-based blog/CMS site-building platform. PerfreeBlog v4.0.11 contains a security vulnerability that stems from an arbitrary file deletion flaw in the unInstallTheme function...

CVSS 7.6 | AI score 6.7 | EPSS 0.00075
Exploits: 1 | References: 1
EUVD
added 2025/10/24 6:31 p.m., 3 views

EUVD-2025-35861

PerfreeBlog v4.0.11 has a File Upload vulnerability in the installPlugin function...

CVSS 7.6 | AI score 6.5 | EPSS 0.00039
Exploits: 0 | References: 4
EUVD
added 2025/10/24 6:31 p.m., 2 views

EUVD-2025-35862

PerfreeBlog v4.0.11 has a File Upload vulnerability in the installTheme function...

CVSS 7.6 | AI score 6.5 | EPSS 0.00039
Exploits: 0 | References: 4
EUVD
added 2025/10/24 6:31 p.m., 4 views

EUVD-2025-35860

PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the validThemeFilePath function...

CVSS 5.3 | AI score 6.5 | EPSS 0.00052
Exploits: 1 | References: 4
EUVD
added 2025/10/24 6:31 p.m., 10 views

EUVD-2025-35886

PerfreeBlog v4.0.11 has an arbitrary file deletion vulnerability in the unInstallTheme function...

CVSS 7.6 | AI score 6.6 | EPSS 0.00075
Exploits: 1 | References: 5
Positive Technologies
added 2025/10/24 12:0 a.m., 3 views

PT-2025-43663

Name of the Vulnerable Software and Affected Versions: PerfreeBlog version 4.0.11. Description: PerfreeBlog version 4.0.11 contains a File Upload issue within the installTheme function. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...

CVSS 7.6 | AI score 6.5 | EPSS 0.00039
Exploits: 0 | References: 8
Positive Technologies
added 2025/10/24 12:0 a.m., 2 views

PT-2025-43665

Name of the Vulnerable Software and Affected Versions: PerfreeBlog version 4.0.11. Description: The software contains a flaw that allows for arbitrary file deletion through the unInstallTheme function. Recommendations: Update to a newer version that contains a fix for this vulnerability. As a tempora...

CVSS 7.6 | AI score 6.8 | EPSS 0.00075
Exploits: 1 | References: 8
Cvelist
added 2025/10/24 12:0 a.m., 6 views

CVE-2025-60735

PerfreeBlog v4.0.11 has a File Upload vulnerability in the installPlugin function...

EPSS 0.00039
Exploits: 0 | References: 3
Positive Technologies
added 2025/10/24 12:0 a.m., 2 views

PT-2025-43662

Name of the Vulnerable Software and Affected Versions: PerfreeBlog version 4.0.11. Description: PerfreeBlog version 4.0.11 contains an arbitrary file read issue within the validThemeFilePath function. This allows for unauthorized access to files. Recommendations: Update to a newer version that contai...

CVSS 5.3 | AI score 6.7 | EPSS 0.00052
Exploits: 1 | References: 9
CVE
added 2025/10/24 12:0 a.m., 3 views

CVE-2025-60731

PerfreeBlog v4.0.11 is affected by a File Upload vulnerability in the installTheme function. The CVE-2025-60731 entry indicates a network-based, high-severity issue (CVSS 3.1: 7.6, Impact: Confidentiality High, Availability Low, Integrity Low) that can be triggered without user interaction, with ...

CVSS 7.6 | AI score 6.6 | EPSS 0.00039
Exploits: 0 | References: 3 | Affected Software: 1
EUVD
added 2025/10/03 8:7 p.m., 1 view

EUVD-2024-30598

Malicious code in bioql PyPI...

CVSS 5.4 | AI score 6.4 | EPSS 0.0013
Exploits: 0 | References: 1