149 matches found
Braina 安全漏洞
Braina is an intelligent personal assistant software for Windows PCs from Braina that allows you to interact with your computer using voice commands. A security vulnerability exists in Braina version v2.8, which originates from a remote attacker obtaining sensitive information through the chat...
CVE-2024-54219
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in thehp AIO Contact aio-contact.This issue affects AIO Contact: from n/a through = 2.8.1...
CPDF 安全漏洞
CPDF is a PDF command line tool from the individual developer John Whitington. A security vulnerability exists in CPDF 2.8 and earlier versions, which stems from allowing the use of a stack through a carefully crafted PDF document...
WordPress NPS computy plugin <= 2.8.0 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin NPS computy versions = 2.8.0...
CVE-2024-9178
The XT Floating Cart for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.8.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level...
WordPress plugin Email Verification for WooCommerce SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
Classroombookings 安全漏洞
Classroombookings is a Php, Mysql based school room booking system by Craig A Rodway Individual Developer. A security vulnerability exists in Classroombookings version 2.8.7, which stems from the parameter Name of the file/sessions of the component Session Page can lead to a cross-site scripting...
skycaiji Security Breach
Skycaiji Blue Sky Collector is a free data collection and publishing crawler software from China Nanchang ZhuoLan Technology Co., Ltd, which is developed by php+mysql and can be deployed on cloud servers. A security vulnerability exists in skycaiji version 2.8, which stems from a cross-site...
CVE-2023-33321
Missing Authorization vulnerability in Metagauss EventPrime allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through 2.8.6...
TOTOLINK N300RT 安全漏洞
The TOTOLINK N300RT is an 802.11n compliant wireless router from China's Gion Electronics TOTOLINK. A security vulnerability exists in TOTOLINK N300RT version V2.1.8-B20201030.1539, which originates from a stored cross-site scripting vulnerability in the WDS Settings function on the Wireless page...
WordPress Plugin Social Media Share Buttons & Social Sharing Icons 安全漏洞
WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in the WordPress Plugi...
Apache Airflow 安全漏洞
Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. A security bypass vulnerability exists in Apache Airflow versions 2.8.2 through 2.8...
WordPress Plugin Ultimate Member Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
WordPress Plugin buddyforms security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
CVE-2022-38141
Missing Authorization vulnerability in Zorem Sales Report Email for WooCommerce.This issue affects Sales Report Email for WooCommerce: from n/a through 2.8...
Jayway JsonPath Security Vulnerability
Jayway JsonPath is json-path open source a Java DSL for reading Json documents. A security vulnerability exists in Jayway JsonPath version v2.8.0, which stems from a stack overflow vulnerability in the Criteria.parse method...
CVE-2023-5712
The System Dashboard plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the sdglobalvalue function hooked via an AJAX action in all versions up to, and including, 2.8.7. This makes it possible for authenticated attackers, with subscriber-level...
CVE-2023-6019
A command injection existed in Ray's cpuprofile URL parameter allowing attackers to execute os commands on the system running the ray dashboard remotely without authentication. The issue is fixed in version 2.8.1+. Ray maintainers' response can be found here:...
EMSigner Security Vulnerability
EMSigner is an electronic signature solution from EMSigner India. A security vulnerability exists in EMSigner version v2.8.7, which stems from a vulnerability that allows an attacker to gain unauthorized access to application content and view sensitive data of other users by manipulating the...
PT-2023-27500 · Unknown · Welcart E-Commerce
Name of the Vulnerable Software and Affected Versions: Welcart e-Commerce versions 2.7 to 2.8.21 Description: The issue allows a user with author or higher privilege to obtain partial information of the files on the web server due to a path traversal vulnerability. Recommendations: For Welcart...