6 matches found
EUVD-2025-11296
Malicious code in bioql PyPI...
CVE-2025-39584
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Themewinter Eventin allows PHP Local File Inclusion. This issue affects Eventin: from n/a through 4.0.25...
CVE-2025-39584
CVE-2025-39584 corresponds to a WordPress Eventin vulnerability: an Authenticated Local File Inclusion via an improper filename control in the PHP include/require flow. Affected software is Eventin versions up to and including 4.0.25. The root cause is described as improper control of the filenam...
CVE-2024-24703
Missing Authorization vulnerability in MultiVendorX WC Marketplace.This issue affects WC Marketplace: from n/a through 4.0.25...
CVE-2020-0566
Improper Access Control in subsystem for IntelR TXE versions before 3.175 and 4.0.25 may allow an unauthenticated user to potentially enable escalation of privilege via physical access...
CVE-2017-5361
Request Tracker RT 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 does not use a constant-time comparison algorithm for secrets, which makes it easier for remote attackers to obtain sensitive user password information via a timing side-channel attack...