CVE-2025-13871

Cross-Site Request Forgery CSRF in the resource-management feature of ObjectPlanet Opinio 7.26 rev12562 allows to upload files on behalf of the connected users and then access such files without authentication...

ObjectPlanet Opinio 安全漏洞

ObjectPlanet Opinio is an online survey system from ObjectPlanet Norway. A security vulnerability exists in ObjectPlanet Opinio version 7.26 rev12562, which stems from a blind server-side request forgery in the survey import feature that could cause the server to execute an arbitrary HTTP GET...

WordPress plugin W3SPEEDSTER 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

ILIAS < 7.26, 8.x < 8.6 Multiple Vulnerabilities

ILIAS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ilias:ilias"; if description...

SA-CORE-2014-001 - Drupal core - Multiple vulnerabilities

Multiple vulnerabilities were fixed in the supported Drupal core versions 6 and 7. Impersonation OpenID module - Drupal 6 and 7 - Highly critical A vulnerability was found in the OpenID module that allows a malicious user to log in as other users on the site, including administrators, and hijack...