15 matches found
WordPress Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin <= 6.2.1 - Authenticated (Administrator+) Arbitrary File Read vulnerability
Authenticated Administrator+ Arbitrary File Read vulnerability discovered by Niv Kochan in WordPress Plugin FluentForm versions = 6.2.1...
OESA-2026-1608 activemq security update
The most popular and powerful open source messaging and Integration Patterns server. Security Fixes: A vulnerability classified as problematic has been found in Apache ActiveMQ Application Server Software.CWE is classifying the issue as CWE-190. The product performs a calculation that can produce...
CVE-2025-15595
Privilege escalation via dll hijacking in Inno Setup 6.2.1 and ealier versions...
CVE-2025-15595
CVE-2025-15595 describes privilege escalation via dll hijacking in Inno Setup, affecting version 6.2.1 and earlier. The underlying issue is a dll hijack in the installer process. According to the provided metrics, exploitation requires local access with low privileges and no user interaction, and...
Exploit for CVE-2025-53533
Cross-Site-Scripting XSS in Pi-hole-CVE-2025-53533 exploit Po...
PT-2025-44019
Name of the Vulnerable Software and Affected Versions Pi-hole Admin Interface versions 6.2.1 and earlier Description The Pi-hole Admin Interface, a web interface for managing the Pi-hole network-level advertisement and internet tracker blocking application, is susceptible to reflected cross-site...
WordPress Herd Effects Plugin <= 6.2.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
Cross Site Request Forgery CSRF to Settings Change vulnerability discovered by Khang Duong in WordPress Plugin Herd Effects versions = 6.2.1...
SUSE CVE-2024-28863
node-tar is a Tar for Node.js. node-tar prior to version 6.2.1 has no limit on the number of sub-folders created in the folder creation process. An attacker who generates a large number of sub-folders can consume memory on the system running node-tar and even crash the Node.js client within few...
CVE-2024-28863
node-tar is a Tar for Node.js. node-tar prior to version 6.2.1 has no limit on the number of sub-folders created in the folder creation process. An attacker who generates a large number of sub-folders can consume memory on the system running node-tar and even crash the Node.js client within few...
TIBCO Partnerexpress 加密问题漏洞
TIBCO Partnerexpress is a Php-based platform that generates barcodes by product name from TIBCO USA. A cryptographic issue exists in Tibco PartnerExpress where the product does not encrypt session tokens during interactions. An attacker could obtain the token to simulate an interaction. The...
Gotenberg Directory Traversal Vulnerability (CNVD-2021-03336)
Gotenberg is a Docker-powered stateless API for converting HTML, Markdown and Office documents to PDF. A directory traversal vulnerability exists in Gotenberg 6.2.1 and earlier versions of the Markdown engine. An attacker can exploit this vulnerability to read any container file...
SITOS six Build Cross-Site Scripting Vulnerability
SITOS is a modular e-learning system. The system includes features such as audio playback, video playback, forums, blogs and social media. A cross-site scripting vulnerability exists in the blog feature in SITOS six Build v6.2.1. The vulnerability stems from the WEB application lacking proper...
CVE-2019-15747
SITOS six Build v6.2.1 allows a user with the user role of Seminar Coordinator to escalate their permission to the Systemadministrator role due to insufficient checks on the server side...
SQL Injection Vulnerability in Xinqi Online Learning System V6.2.1
Xinqi Online Learning System is an online learning platform system that can make learning plans, realize supervision and monitoring, and assist learning. SQL injection vulnerability exists in version V6.2.1 of Xinqi Online Learning System, which can be exploited by attackers to obtain sensitive...
Cisco Wide Area Application Services Denial of Service Vulnerability
Cisco Wide Area Application Services WAAS is the United States Cisco Cisco company's set of WAN link acceleration software. The software is mainly used for small bandwidth and high latency link environment. A denial of service vulnerability exists in the Server Message Block SMB service in Cisco...