6 matches found
CVE-2026-31858
Craft is a content management system CMS. The ElementSearchController::actionSearch endpoint is missing the unset protection that was added to ElementIndexesController in CVE-2026-25495. The exact same SQL injection vulnerability including criteriaorderBy, the original advisory vector works on th...
Radare2 缓冲区错误漏洞
Radare2 is a Libre reverse framework open-sourced by Radare for Unix geeks. A buffer error vulnerability exists in Radare2 version 5.9.9, which stems from memory corruption due to incorrect manipulation of the parameter -T...
Radare2 缓冲区错误漏洞
Radare2 is a Libre reverse framework open-sourced by Radare for Unix geeks. A buffer error vulnerability exists in Radare2 version 5.9.9, which stems from memory corruption due to incorrect manipulation of the parameter -T...
WordPress Event post plugin <= 5.9.9 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Peter Thaleikis in WordPress Plugin Event post versions = 5.9.9...
strongSwan 信任管理问题漏洞
strongSwan is a Swiss Andreas Steffen personal developer of a Linux platform to use the open source IPsec-based VPN solution. The solution includes authentication mechanisms such as X.509 public key certificates, securely stored private keys, and smart cards. A security vulnerability exists in...
Arbitrary File Deletion Vulnerability in Rice CMS v5.9.9
DAMI CMS is a free open-source, fast, simple PC station and cell phone station integration integration system, is committed to providing users with simple, fast PC station and smartphone station building solutions. An arbitrary file deletion vulnerability exists in Daimi CMS version v5.9.9, which...