49 matches found
MedDream PACS Premium Cross-site Scripting Vulnerability
MedDream PACS Premium is an enterprise-level image storage and management server suite developed by MedDream Corporation. Version 7.3.6.870 of MedDream PACS Premium contains a cross-site scripting vulnerability. This vulnerability stems from the thumbnaildir parameter in the config.php function,...
CVE-2020-24495
Insufficient access control in the firmware for the Intel(R) 700-series of Ethernet Controllers before version 7.3 may allow a privileged user to potentially enable denial of service via local access...
Security Bulletin: vulnerability in IBM Spectrum Symphony with spring webmvc
Summary: vulnerability in IBM Spectrum Symphony with spring webmvc. Vulnerability Details: CVEID: CVE-2025-41242. DESCRIPTION: Spring Framework MVC applications can be vulnerable to a “Path Traversal Vulnerability” when deployed on a non-compliant Servlet container. An application can be vulnerable whe...
LeptonCMS Security Vulnerability
LeptonCMS is a content management system (CMS) from the Lepton Project. A security vulnerability exists in LeptonCMS version 7.3.0 that stems from insufficient file validation and could lead to the execution of arbitrary code...
CVE-2025-64380
CVE-2025-64380 affects WordPress Booster for WooCommerce (woocommerce-jetpack) plugin, specifically versions up to and including 7.3.2. The root cause is improper input handling during web page generation, leading to a stored cross-site scripting (XSS) vulnerability. This means malicious script p...
CVE-2025-50044
CVE-2025-50044: A CSRF vulnerability in the WordPress Real Estate Manager plugin affects versions n/a through 7.3. The issue stems from CSRF, enabling unauthorized actions on behalf of an authenticated user. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H) yields a base score of 6.5 (Med...
WordPress plugin Real Estate Manager Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin Team Member Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on servers running PHP and MySQL. A security vulnerability exists in WordPres...
MongoDB Server Security Vulnerability
MongoDB Server is a set of open source NoSQL databases from the American company MongoDB. The database provides collection-oriented storage, dynamic querying, data replication, and automatic failover. A security vulnerability exists in MongoDB Server that stems from incorrectly enforcing index...
WordPress plugin Directorist Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in the...
ROS-2-2549
2.2549 Notification on the update of the RED OS operating system MIS. Due to quality improvements and bug fixes, an updated version of the "RED OS" operating system, "RED OS" 7.3, is released. You can contact the technical support service within the framework of your existing technical support...
PT-2021-5346 · Php +2
Name of the Vulnerable Software and Affected Versions: PHP versions 7.3.x through 7.3.30; PHP versions 7.4.x through 7.4.23; PHP versions 8.0.x through 8.0.10. Description: The issue arises from the incorrect restriction of the path name to a directory with limited access in the ZipArchive::extractT...
Knowage Cross-Site Scripting Vulnerability (CNVD-2021-34493)
Knowage is an open source suite for modern business analytics on traditional resources and big data systems from Knowage Italy. A cross-site scripting vulnerability exists in Knowage Suite version 7.3. An attacker can inject arbitrary web scripts via the "targetService" parameter...
Cisco IOS XR Parameter Injection Vulnerability
Cisco IOS XR software is a modular and fully distributed network operating system for service provider networks. A command injection vulnerability exists in the CLI of Cisco IOS XR versions prior to 7.3.1. The vulnerability stems from insufficient input validation of user-supplied commands. An...
CVE-2020-24505
Insufficient input validation in the firmware for the Intel(R) 700-series of Ethernet Controllers before version 7.3 may allow a privileged user to potentially enable denial of service via local access...
HPE Intelligent Management Center (iMC) faultinfo_content expression language injection remote code execution vulnerability
HPE Intelligent Management Center (iMC) is a suite of network intelligent management center solutions from Hewlett Packard Enterprise (HPE). The solution provides network-wide visibility and enables comprehensive management of resources, services and users. A security vulnerability exists in HPE...
HPE Intelligent Management Center (iMC) chooseperfview Expression Language Injection Remote Code Execution Vulnerability
HPE Intelligent Management Center (iMC) is a suite of network intelligent management center solutions from Hewlett Packard Enterprise (HPE). The solution provides network-wide visibility and enables comprehensive management of resources, services and users. A security vulnerability exists in HPE...
HPE Intelligent Management Center (iMC) ictexpertcsvdownload Expression Language Injection Remote Code Execution Vulnerability
HPE Intelligent Management Center (iMC) is a suite of network intelligent management center solutions from Hewlett Packard Enterprise (HPE). The solution provides network-wide visibility and enables comprehensive management of resources, services and users. A security vulnerability exists in HPE...
Panasonic FPWIN Pro Buffer Overflow Vulnerability (CNVD-2019-17135)
Panasonic FPWIN Pro is a set of controller programming software from Panasonic Corporation of Japan. A buffer overflow vulnerability exists in Panasonic FPWIN Pro 7.3.0.0 and prior versions. The vulnerability stems from a networked system or product performing operations on memory without properl...
HPE Intelligent Management Center (IMC) deploySelectBootrom Expression Language Injection Remote Code Execution Vulnerability
HPE Intelligent Management Center (IMC) is a comprehensive management platform built from the ground up to support the Failure, Configuration, Accounting, Performance and Security (FCAPS) model. A deploySelectBootrom expression language injection remote code execution vulnerability exists in HPE...