36 matches found
PT-2025-51451
Name of the Vulnerable Software and Affected Versions: PenciDesign Soledad versions through 8.7.0 Description: The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the inclusion of local...
EUVD-2025-199536
The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'deleteUserCcDraftPost' function in all versions up to, and including, 8.7.0. This makes it possible for authenticated attackers, wi...
PT-2025-47983
The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'deleteUserCcDraftPost' function in all versions up to, and including, 8.7.0. This makes it possible for authenticated attackers, wi...
EUVD-2016-4432
Malware in sbrugna...
EUVD-2016-4431
Malware in sbrugna...
WordPress Slider Hero Plugin <= 8.6.1 is vulnerable to Cross Site Scripting (XSS)
Software: Slider Hero; Type: Plugin; Vulnerable versions: <= 8.6.1; Fixed in: 8.7.0; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-29922; Patch priority: Low; CVSS severity: Low (5.9); PSID: b14fdd6b236b; Credits: Jean Tirstan T; Required privilege...
FasterXML Vulnerability in Bitbucket Data Center and Server
This High severity Third-Party Dependency vulnerability was introduced in versions 7.17.0, 7.21.0, 8.7.0, 8.8.0, 8.9.0, 8.10.0, 8.11.0, 8.12.0, and 8.13.0 of Bitbucket Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
Intergard SGS security vulnerability
Intergard SGS is a security appliance from the Brazilian company Intergard. A security vulnerability exists in Intergard SGS version 8.7.0, which stems from the presence of an unknown function in the component Change Password Handler, resulting in the transmission of sensitive information in clea...
Intergard SGS security vulnerability
Intergard SGS is a security appliance from Brazilian company Intergard. A security vulnerability exists in Intergard SGS version 8.7.0, which stems from the presence of an unknown feature in the application that causes sensitive information to be stored in plaintext in memory...
PT-2023-26032 · Unknown · Intergard Sgs
Name of the Vulnerable Software and Affected Versions: Intergard SGS version 8.7.0 Description: A critical issue was found, affecting an unknown function and leading to permission issues. The manipulation can be launched remotely. The issue has been disclosed publicly and may be used for attacks...
Intergard SGS security vulnerability
Intergard SGS is a security appliance from Brazilian company Intergard. A security vulnerability exists in Intergard SGS version 8.7.0, which stems from the presence of an unknown function in the component Change Password Handler, resulting in a denial of service...
PT-2023-7027 · Unknown · Intergard Sgs
Name of the Vulnerable Software and Affected Versions: Intergard SGS version 8.7.0 Description: The issue is related to the transmission of sensitive information in cleartext due to a vulnerability in the SQL Query Handler component. This can be exploited remotely, potentially allowing an attacke...
PT-2023-23308
Name of the Vulnerable Software and Affected Versions: Kibana version 8.7.0 Description: The issue is an arbitrary code execution flaw. An attacker with all privileges to the Uptime/Synthetics feature could send a request to execute JavaScript code, potentially leading to the execution of arbitrary...
CVE-2023-31415
Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of t...
CVE-2023-31415
Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of t...
Design/Logic Flaw
An insufficiently protected credentials vulnerability (CWE-522) in FortiNAC-F 7.2.0, FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.0 all versions, 8.7.0 all versions may allow a local attacker with system access to retrieve users' passwords...
Atlassian Jira < 8.7.0
According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 8.7.0. It is, therefore, affected by a vulnerability which permits remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF)...
PT-2023-12200 · Umbraco · Umbraco Forms
Name of the Vulnerable Software and Affected Versions: Umbraco Forms version 8.7.0 Description: The issue allows unauthenticated attackers to execute arbitrary code via a crafted web.config and asp file. This is a result of a file upload vulnerability. Recommendations: For Umbraco Forms version...
XXE
An external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow an unauthenticated attacker to execute unauthorized code or commands via...
Improper access control
Affected versions of Atlassian Jira Server and Data Center allow authenticated yet non-administrator remote attackers to edit the File Replication settings via a Broken Access Control vulnerability in the ReplicationSettings!default.jspa endpoint. The affected versions are before version 8.6.0,...