17 matches found
EUVD-2025-35931
The The7 — Website and eCommerce Builder for WordPress theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ the7fancytitlecss’ parameter in all versions up to, and including, 12.9.1 due to insufficient input sanitization and output escaping. This makes it possible for...
PT-2025-43730
Name of the Vulnerable Software and Affected Versions The7 — Website and eCommerce Builder for WordPress theme versions prior to 12.9.2 Description The software is susceptible to a Stored Cross-Site Scripting issue because of inadequate input sanitization and output escaping. This allows...
CVE-2025-54196
Adobe Connect suffers a URL Redirection to Untrusted Site vulnerability affecting version 12.9 and earlier. The issue allows an attacker to lure a user into opening a crafted link, triggering a redirect to a malicious site. Exploitation requires user interaction, and the underlying exposure is Op...
SeaCMS 安全漏洞
SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS version v12.9, which stems from vulnerability to cross-site scripting attacks that allow an...
CVE-2024-41444
SeaCMS v12.9 has a SQL injection vulnerability in the key parameter of /js/player/dmplayer/dmku/index.php?ac=so...
PT-2024-38125 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SeaCMS version 12.9 Description: A problematic issue was found in SeaCMS, affecting an unknown part of the file /js/player/dmplayer/player/index.php. The manipulation of the argument color/vid/url leads to cross-site scripting. It is possible...
SeaCMS Security Vulnerability
SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS version 12.9, which originates from phomebak. php writes some incoming variable names without...
SeaCMS Security Vulnerability
SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS version 12.9, which stems from vulnerability to SQL injection attacks, which can lead to the...
SeaCMS 安全漏洞
SeaCMS is a free, open source web content management system written in PHP. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS version 12.9, which stems from allowing remote attackers to execute arbitrary code via admin notify.php...
CVE-2023-46010
An issue in SeaCMS v.12.9 allows an attacker to execute arbitrary commands via the adminsafe.php component...
SeaCMS Security Vulnerability
SeaCMS is a free and open source web content management system written in PHP. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS version V12.9, which originates from an arbitrary file write vulnerability in adminsmtp.php...
SeaCMS Security Vulnerability
SeaCMS is a free and open source web content management system written in PHP. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS version V12.9, which originates from an arbitrary file write vulnerability in adminping.php...
PT-2023-29142 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SeaCMS version 12.9 Description: The issue is related to an arbitrary file write vulnerability. It affects the component admin smtp.php. Recommendations: For SeaCMS version 12.9, consider disabling access to the admin smtp.php component until...
PT-2023-29143 · Seacms · Seacms
Name of the Vulnerable Software and Affected Versions: SeaCMS version 12.9 Description: The issue is related to an arbitrary file write vulnerability. It affects the component admin weixin.php, allowing for potential unauthorized file modifications. Recommendations: For SeaCMS version 12.9,...
PT-2020-13088 · Gitlab · Gitlab
Name of the Vulnerable Software and Affected Versions: GitLab versions 12.6 through 12.9 Description: The issue allows an external user to create a personal snippet through the API, resulting in a privilege escalation. Recommendations: For GitLab versions 12.6 through 12.9, update to a version th...
GitLab Denial of Service Vulnerability (CNVD-2020-20425)
GitLab is a Ruby on Rails-developed, self-hosted, Git version control system project repository application from the American company GitLab. The program can be used to access a project's file contents, commit history, bug lists, and more. A security vulnerability exists in GitLab version 12.9 an...
CVE-2016-9148
Cross-site scripting XSS vulnerability in CA Service Desk Manager formerly CA Service Desk 12.9 and 14.1 allows remote attackers to inject arbitrary web script or HTML via the QBE.EQ.REFNUM parameter...