26 matches found
Jupyter多款产品 跨站脚本漏洞
Jupyter Notebook is an open-source web application developed by Project Jupyter, designed for creating and sharing code along with explanatory text documents. JupyterLab is another open-source project developed by JupyterLab, offering an extensible environment for interactive and reproducible...
CVE-2026-0618
Cross-site Scripting vulnerability in Devolutions PowerShell Universal.This issue affects Powershell Universal: before 4.5.6, before 5.6.13...
CVE-2025-66027
Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.6, an information disclosure vulnerability exposes participant details, including names and email addresses through the /api/trpc/polls.get,polls.participants.list endpoint, even when Pro privacy features are enabled...
CVE-2025-66027 Rallly Information Disclosure Vulnerability in Participant API Leaks Names and Emails Despite Pro Privacy Settings
Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.6, an information disclosure vulnerability exposes participant details, including names and email addresses through the /api/trpc/polls.get,polls.participants.list endpoint, even when Pro privacy features are enabled...
CVE-2025-59578
Insertion of Sensitive Information Into Sent Data vulnerability in wpdesk ShopMagic shopmagic-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects ShopMagic: from n/a through = 4.5.6...
CVE-2025-59578
CVE-2025-59578 describes a Sensitive Data Exposure in the WordPress plugin ShopMagic (ShopMagic for WooCommerce)
CVE-2025-47610 WordPress WooCommerce Fortnox Integration <= 4.5.6 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wetail WooCommerce Fortnox Integration allows Stored XSS. This issue affects WooCommerce Fortnox Integration: from n/a through 4.5.6...
WordPress plugin WooCommerce Fortnox Integration 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress WooCommerce Fortnox Integration <= 4.5.6 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin WooCommerce Fortnox Integration versions = 4.5.6...
PT-2024-21913 · Wondershare · Wondershare Filmora +1
Name of the Vulnerable Software and Affected Versions: Wondershare MobileTrans version 4.5.6 and lower Wondershare Filmora versions 4.5.6 and lower Description: The issue allows attackers to escalate privileges due to multiple unquoted service paths. Recommendations: For Wondershare MobileTrans...
PT-2024-15404 · WordPress · Eventon +1
Name of the Vulnerable Software and Affected Versions: EventON Premium WordPress plugin versions prior to 4.5.6 EventON WordPress plugin versions prior to 2.2.8 Description: The issue is related to a lack of authorization in an AJAX action, which does not ensure that the post to be updated belong...
WordPress ChatBot Plugin < 4.5.6 is vulnerable to Cross Site Scripting (XSS)
Software ChatBot Type Plugin Vulnerable versions 4.5.6 Fixed in 4.5.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-2811 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID eb7005b63455 Credits NGO VAN TU Required privilege...
Cross site request forgery (csrf)
A vulnerability was found in dolibarrprojecttimesheet up to 4.5.5. It has been declared as problematic. This vulnerability affects unknown code of the component Form Handler. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. Upgrading to version 4.5.6.a i...
WordPress Page Builder Sandwich – Front-End Page Builder plugin <= 4.5.5 - Sensitive Information Disclosure vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress Page Builder Sandwich – Front-End Page Builder plugin versions = 4.5.5. Solution Update the WordPress Page Builder Sandwich – Front-End Page Builder plugin to the latest available version at least 4.5.6...
resteasy-client: potential sensitive information leakage in JAX-RS RESTEasy Client's WebApplicationException handling
A flaw was found in the RESTEasy client in all versions of RESTEasy up to 4.5.6.Final. This flaw allows client users to obtain the server's potentially sensitive information when the server receives the WebApplicationException from the RESTEasy client call. The highest threat from this...
resteasy-client: potential sensitive information leakage in JAX-RS RESTEasy Client's WebApplicationException handling
A flaw was found in the RESTEasy client in all versions of RESTEasy up to 4.5.6.Final. This flaw allows client users to obtain the server's potentially sensitive information when the server receives the WebApplicationException from the RESTEasy client call. The highest threat from this...
resteasy-client: potential sensitive information leakage in JAX-RS RESTEasy Client's WebApplicationException handling
A flaw was found in the RESTEasy client in all versions of RESTEasy up to 4.5.6.Final. This flaw allows client users to obtain the server's potentially sensitive information when the server receives the WebApplicationException from the RESTEasy client call. The highest threat from this...
WordPress Email Subscribers & Newsletters plugin <= 4.5.5 - Unauthenticated email forgery/spoofing vulnerability
Unauthenticated email forgery/spoofing vulnerability found by Alex Peña in WordPress Email Subscribers & Newsletters plugin versions = 4.5.5. Solution Update the WordPress Email Subscribers & Newsletters plugin to the latest available version at least 4.5.6...
CVE-2017-11301
An issue was discovered in Adobe Digital Editions 4.5.6 and earlier versions. An exploitable memory corruption vulnerability exists, which could lead to disclosure of memory addresses...
CVE-2017-11297
An issue was discovered in Adobe Digital Editions 4.5.6 and earlier versions. An exploitable memory corruption vulnerability exists, which could lead to disclosure of memory addresses...