9 matches found
PT-2026-43262
A security flaw has been discovered in Das Parking Management System 停车场管理系统 6.2.0. This vulnerability affects unknown code of the component Search API Endpoint. The manipulation of the argument Value results in SQL injection. It is possible to launch the attack remotely. The exploit has been...
PT-2026-40029
Dell PowerScale InsightIQ, versions 5.0.0 through 6.2.0, contains an execution with unnecessary privileges vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges...
CVE-2026-6796 Sanluan PublicCMS Failed Login LoginAdminController.java log_login cleartext storage in file
A vulnerability was determined in Sanluan PublicCMS up to 6.202506.d. Affected is the function log_login of the file core/src/main/java/com/publiccms/controller/admin/LoginAdminController.java of the component Failed Login Handler. This manipulation of the argument errorPassword causes cleartext...
WordPress plugin WP Plugin Info Card Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
Das Parking Management System SQL Injection Vulnerability
Das Parking Management System is a parking management system from Das Corporation. A SQL injection vulnerability exists in Das Parking Management System version 6.2.0, which is caused by incorrect manipulation of the parameter vehicleTypeCode in the file /vehicle/search...
Security update for pcp
This update for pcp fixes the following issues: CVE-2024-45770: Fixed pmpost symlink attack allowing escalating pcp to root user (bsc#1230552). CVE-2024-45769: Fixed pmcd heap corruption through metric pmstore operations (bsc#1230551). CVE-2024-3019: Fixed exposure of the redis backend server allowing...
org.apereo.cas:cas-server-support-gauth (>=6.2.0 <=6.2.3), org.apereo.cas:cas-server-support-gauth-core (>=6.2.0 <=6.2.3) +9 more potentially affected by CVE-2020-27178 via org.apereo.cas:cas-server-support-otp-mfa-core (>=6.2.0 <=6.2.3)
org.apereo.cas:cas-server-support-otp-mfa-core MAVEN version =6.2.0, =6.2.0, =6.2.0, =6.2.0, =6.2.0, =6.2.0, =6.2.0, =6.2.0, =6.2.0, =6.2.0, =6.2.0, =6.2.0, =6.2.3 Source cves: CVE-2020-27178 Source advisory: OSV:GHSA-Q39C-5VH5-VW2P...
CVE-2018-13367
An information exposure vulnerability in FortiOS 6.2.3, 6.2.0 and below may allow an unauthenticated attacker to gain platform information such as version, models, via parsing a JavaScript file through admin webUI...
LOYTEC LVIS-3ME Relative Path Traversal Vulnerability
LVIS-3ME is a graphical user interface from LOYTEC. A relative path traversal vulnerability exists in LOYTEC LVIS-3ME versions prior to 6.2.0, which can be exploited by an attacker to create or modify files, or execute arbitrary code, due to the inability of the web user interface to prevent user...