21 matches found
EUVD-2017-18381
Malware in sbrugna...
EUVD-2017-18314
Malware in sbrugna...
EUVD-2025-28019
Malicious code in bioql PyPI...
WordPress Passster Plugin <= 4.2.18 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Que Thanh Tuan - Blue Rock in WordPress Plugin Passster versions = 4.2.18...
CVE-2025-57926
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Chill Passster content-protector allows Stored XSS.This issue affects Passster: from n/a through = 4.2.18...
CVE-2025-44015
A command injection vulnerability has been reported to affect HybridDesk Station. If an attacker gains local network access, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: HybridDesk Station 4.2.18 and later...
CVE-2025-44015
A command injection vulnerability has been reported to affect HybridDesk Station. If an attacker gains local network access, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: HybridDesk Station 4.2.18 and later...
CVE-2025-44015 HybridDesk Station
A command injection vulnerability has been reported to affect HybridDesk Station. If an attacker gains local network access, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: HybridDesk Station 4.2.18 and later...
CVE-2025-44015 HybridDesk Station
A command injection vulnerability has been reported to affect HybridDesk Station. If an attacker gains local network access, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following version: HybridDesk Station 4.2.18 and later...
PT-2025-35291
Name of the Vulnerable Software and Affected Versions: HybridDesk Station versions prior to 4.2.18 Description: A command injection vulnerability exists in HybridDesk Station. An attacker with local network access can exploit this issue to execute arbitrary commands. Recommendations: Update to...
WordPress Plugin Social Icons Widget Block 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress Webba Booking plugin < 4.2.18 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Webba Booking plugin versions 4.2.18. Solution Update the WordPress Webba Booking plugin to the latest available version at least 4.2.18...
MongoDB DoS Vulnerability (SERVER-59294) - Linux
MongoDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mongodb:mongodb"; if...
Fastspot BigTree SQL Injection Vulnerability
Fastspot BigTree is the United States Fastspot company based on PHP and MySQL open source content management system CMS. A SQL injection vulnerability exists in the coreadminauto-modulesformsprocess.php file in Fastspot BigTree version 4.2.18. A remote attacker can exploit this vulnerability to...
Fastspot BigTree CMS Cross-Site Scripting Vulnerability
Fastspot BigTree CMS is the United States Fastspot company based on PHP and MySQL open source content management system CMS. A cross-site scripting vulnerability exists in Fastspot BigTree CMS versions 4.2.18 and earlier. A remote attacker can exploit this vulnerability by uploading specially...
Fastspot BigTree CMS SQL Injection Vulnerability (CNVD-2017-08704)
Fastspot BigTree CMS is the United States Fastspot company based on PHP and MySQL open source content management system CMS. Fastspot BigTree CMS 4.2.18 and earlier versions of the core\admin\modules\developer\extensions\install\process.php file and core\admin\modules\developer\ An SQL injection...
Fastspot BigTree CMS Cross-Site Request Forgery Vulnerability (CNVD-2017-08540)
Fastspot BigTree CMS is the United States Fastspot company based on PHP and MySQL open source content management system CMS. A cross-site request forgery vulnerability exists in Fastspot BigTree CMS version 4.2.18 and earlier. A remote attacker can exploit this vulnerability to perform unauthoriz...
Fastspot BigTree CMS SQL Injection Vulnerability (CNVD-2017-08541)
Fastspot BigTree CMS is the United States Fastspot company based on PHP and MySQL open source content management system CMS. A SQL injection vulnerability exists in Fastspot BigTree CMS version 4.2.18 and earlier. The vulnerability can be exploited by remote attackers to execute arbitrary SQL...
Fastspot BigTree CMS on Windows Directory Traversal Vulnerability
Fastspot BigTree CMS on Windows is the U.S. Fastspot company's set of Winsows platform based on PHP and MySQL open source content management system CMS. A directory traversal vulnerability exists in the core\admin\ajax\developer\extensions\file-browser.php file in Fastspot BigTree CMS on Windows...
PT-2017-18925 · Bigtree · Bigtree Cms
Name of the Vulnerable Software and Affected Versions: BigTree CMS versions 4.2.18 and earlier Description: The issue allows remote authenticated users to conduct SQL injection attacks via a crafted tables object in manifest.json in an uploaded package. This issue exists in...