9 matches found
CVE-2025-69351 WordPress Ninja Tables plugin <= 5.2.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shahjahan Jewel Ninja Tables ninja-tables allows Blind SQL Injection. This issue affects Ninja Tables: from n/a through <= 5.2.4...
PT-2025-52223
Use of Hard-coded Credentials vulnerability in Utarit Information Services Inc. SoliClub allows Read Sensitive Constants Within an Executable. This issue affects SoliClub: from 5.2.4 before 5.3.7...
Optimizely Configured Commerce Security Vulnerability
Optimizely Configured Commerce is a portfolio commerce platform from Optimizely, Inc. A security vulnerability exists in Optimizely Configured Commerce prior to version 5.2.2408 that originates from allowing visitors to send emails that may contain unfiltered HTML tags under certain circumstances...
PT-2024-31454 · Za Internet · Za-Internet C-Mor Video Surveillance
Name of the Vulnerable Software and Affected Versions: za-internet C-MOR Video Surveillance version 5.2401. Description: An issue was discovered due to improper or missing access control, allowing low privileged users to use administrative functions of the C-MOR web interface. Although different...
MingSoft Mcms SQL Injection Vulnerability
MingSoft Mcms is a complete open source J2ee system from the Chinese company MingFei MingSoft. A security vulnerability exists in MingSoft Mcms v5.2.4 that allows attackers to conduct SQL injection attacks via the search.do parameter in the file /mdiy/dict/listExcludeApp. No details of the vulnerabilit...
CVE-2021-40517
Airangel HSMX Gateway devices through 5.2.04 are vulnerable to stored Cross Site Scripting. The XSS payload is placed in the name column of the updates table using database access...
Plone Cross-Site Scripting Vulnerability
Plone is a foreign open source CMS system suitable for enterprise-level applications. A cross-site scripting vulnerability exists in the user full name attribute and file upload functionality in Plone CMS versions prior to 5.2.4. The vulnerability stems from user input that is not properly encode...
Researcher Demonstrates Several Zoom Vulnerabilities at DEF CON 28
Popular video conferencing app Zoom has addressed several security vulnerabilities, two of which affect its Linux client that could have allowed an attacker with access to a compromised system to read and exfiltrate Zoom user data—and even run stealthy malware as a sub-process of a trusted...
CVE-2018-5481
OnCommand Unified Manager for 7-Mode core package prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances, making it vulnerable to impersonation via man-in-the-middle (MITM) attacks...