WordPress PhotoMe theme <= 5.6.11 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme PhotoMe versions = 5.6.11...

CVE-2026-20975

Improper handling of insufficient permission in Samsung Cloud prior to version 5.6.11 allows local attackers to access specific files in arbitrary path...

EUVD-2013-3742

Malware in sbrugna...

WordPress plugin The Plus Addons for Elementor 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

PT-2024-28606 · Elementor · Element Pack Elementor Addons

Name of the Vulnerable Software and Affected Versions: Element Pack Elementor Addons versions through 5.6.11 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendation...

WordPress plugin Element Pack Elementor Addons 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2024-36543 · WordPress · Element Pack Elementor Addons

Name of the Vulnerable Software and Affected Versions: The Element Pack Elementor Addons plugin for WordPress versions up to, and including, 5.6.11 Description: The issue is related to Stored Cross-Site Scripting via the onclick event parameter due to insufficient input sanitization and output...

WordPress plugin OWM Weather 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

Mageia: Security Advisory (MGASA-2015-0303)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2021-10764 · Nagios Xi · Nagios Xi

Name of the Vulnerable Software and Affected Versions: NagiosXI version 5.6.11 Description: The issue allows an authenticated nagiosadmin user to inject additional commands into a request, potentially leading to remote code execution. The vendor disputes the actionability of the vulnerability due...

Oracle MySQL Server 5.5 <= 5.5.29 / 5.6 <= 5.6.11 Security Update (cpuapr2013) - Linux

Oracle MySQL Server is prone to an unspecified vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:oracle:mysql";...

Nagios XI Cross-Site Scripting Vulnerability (CNVD-2020-19530)

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A cross-site scripting vulnerability exists in Nagios XI version 5.6.11. The vulnerability stems from the...

PHP < 5.5.27, 5.6.x < 5.6.11 Arbitrary Code Execution Vulnerability (Aug 2016) - Linux

PHP is prone to an arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if descripti...

Design/Logic Flaw

The pharconverttoother function in ext/phar/pharobject.c in PHP before 5.4.43, 5.5.x before 5.5.27, and 5.6.x before 5.6.11 does not validate a file pointer before a close operation, which allows remote attackers to cause a denial of service segmentation fault or possibly have unspecified other...

UBUNTU-CVE-2016-0502

Unspecified vulnerability in Oracle MySQL 5.5.31 and earlier and 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Optimizer...

MGASA-2015-0303 Updated php package fixes security vulnerabilities

Updated php packages fix security vulnerabilities: The php package has been updated to version 5.6.11, fixing several bugs and security issues. See the upstream Changelog for more details...

CVE-2013-3795

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.11 and earlier allows remote authenticated users to affect availability via unknown vectors related to Data Manipulation Language...

PT-2013-4651 · Mysql Server +2 · Mysql Server +2

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.5.31 and earlier MySQL Server versions 5.6.11 and earlier Description: The issue affects the availability of the system, allowing remote authenticated users to impact it via unknown vectors related to Server Replicatio...

PT-2013-4643 · Mysql Server +2 · Mysql Server +2

Name of the Vulnerable Software and Affected Versions: MySQL Server versions 5.1.69 and earlier MySQL Server versions 5.5.31 and earlier MySQL Server versions 5.6.11 and earlier Description: The issue affects the availability of the system, allowing remote authenticated users to impact it via...