CVE-2021-33348

An issue was discovered in JFinal framework v4.9.10 and below. The "set" method of the "Controller" class of jfinal framework is not strictly filtered, which will lead to XSS vulnerabilities in some cases...

EUVD-2021-1510

Malware in sbrugna...

EUVD-2024-31328

Malicious code in bioql PyPI...

Apache Felix Webconsole: XSS in services console

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache Felix Webconsole. This issue affects Apache Felix Webconsole 4.x up to 4.9.8 and 5.x up to 5.0.8. Users are recommended to upgrade to version 4.9.10 or 5.0.10 or higher, which fixes the issu...

CVE-2024-30528

Missing Authorization vulnerability in Spiffy Plugins Spiffy Calendar.This issue affects Spiffy Calendar: from n/a through 4.9.10...

PT-2024-25360 · Unknown · Tips/Tricks Hq Easy Accept Payments

Name of the Vulnerable Software and Affected Versions: Tips and Tricks HQ Easy Accept Payments versions 4.9.10 and earlier Description: The issue is related to a Missing Authorization vulnerability in Tips and Tricks HQ Easy Accept Payments. Recommendations: For versions 4.9.10 and earlier, updat...

WordPress Easy Accept Payments for PayPal plugin <= 4.9.10 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Easy Accept Payments versions = 4.9.10...

PT-2024-12786 · Dell · Dell Update Package

Name of the Vulnerable Software and Affected Versions: Dell Update Package DUP versions prior to 4.9.10 Description: The issue allows a malicious user with local access to the system to potentially exploit it and run arbitrary code as admin. This is due to an Uncontrolled Search Path vulnerabilit...

WordPress plugin Easy Accept Payments for PayPal 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...

phpMyAdmin < 4.9.10, 5.x < 5.1.3 Information Disclosure Vulnerability - Windows

phpMyAdmin is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

phpMyAdmin < 4.9.10, 5.x < 5.1.3 Information Disclosure Vulnerability - Linux

phpMyAdmin is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

GHSA-2C25-XFPQ-8W9R Cross-site scripting in jfinal

An issue was discovered in JFinal framework v4.9.10 and below. The "set" method of the "Controller" class of jfinal framework is not strictly filtered, which will lead to XSS vulnerabilities in some cases...

UBUNTU-CVE-2017-2618

A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty null write to this file can crash the system by causing the system to attempt to access unmapped kernel memory...