CVE-2026-35070

CVE-2026-35070 affects Dell SmartFabric Storage Software prior to 1.4.5. It is an Improper Neutralization of Special Elements used in a Command (Command Injection) vulnerability, enabling a high-privileged, local attacker to potentially gain filesystem access. The connected documents do not provi...

CVE-2026-35070

Dell SmartFabric Storage Software, versions prior to 1.4.5, contains an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Filesystem access for...

PT-2026-42126

Name of the Vulnerable Software and Affected Versions Dell SmartFabric Storage Software versions prior to 1.4.5 Description An improper neutralization of special elements used in a command, known as command injection, allows a high privileged attacker with local access to potentially gain...

WordPress Kunco theme < 1.4.5 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Kunco versions 1.4.5...

CVE-2025-58215 WordPress Ziston Theme < 1.4.5 - Local File Inclusion Vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in gavias Ziston ziston allows PHP Local File Inclusion.This issue affects Ziston: from n/a through 1.4.5...

CVE-2025-0668 BOINC Server Multiple SQL Injections

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in BOINC Server allows Stored XSS.This issue affects BOINC Server: before 1.4.5...

window-control 安全漏洞

window-control is a package from Bruno Robert's personal developer. It is designed to perform tasks similar to robot.js without mouse control, but without compiling external C++ code. A security vulnerability exists in window-control versions prior to 1.4.5, which stems from incorrect input and i...

PT-2021-22882 · Playsms · Playsms

Name of the Vulnerable Software and Affected Versions: playSMS versions prior to 1.4.5 Description: The issue allows for Arbitrary Code Execution by entering PHP code at the tabs-information-page of core main config, and then executing that code via the "index.php?app=main&inc=core welcome" URI...

Roundcube Webmail Cross-Site Scripting Vulnerability (CNVD-2020-36520)

Roundcube Webmail is an open source browser-based IMAP client that supports address book management, message searching, spell checking and more. A cross-site scripting vulnerability exists in Roundcube Webmail versions prior to 1.3.12 and 1.4.x prior to 1.4.5. The vulnerability stems from a failu...