EUVD-2026-31746

Missing Authorization vulnerability in Nikki Blight QR Redirector allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects QR Redirector: from n/a through 2.0.3...

CVE-2026-41900 OpenLearnX has Critical Remote Code Execution Through Python Sandbox Escape via Code Execution Environment

OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to version 2.0.3, a remote code execution RCE vulnerability was identified in the OpenLearnX code execution environment, allowing sandbox escape and arbitrary command execution. This issue has been patched in...

Timo 安全漏洞

Timo is a backend management system developed by auntvt. Version Timo 2.0.3 has a security vulnerability, which stems from a cross-site scripting vulnerability in the title field. Attackers can execute attacks through specially crafted links...

V-SOL GPON/EPON OLT Platform 输入验证错误漏洞

V-SOL GPON/EPON OLT Platform is an optical line terminal management platform from China Semiconductor V-SOL. An input validation error vulnerability exists in V-SOL GPON/EPON OLT Platform version v2.03, which stems from improper validation of the parent parameter input and could lead to an open...

CVE-2025-64270 WordPress Masteriyo - LMS plugin <= 2.0.3 - Sensitive Data Exposure vulnerability

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in masteriyo Masteriyo - LMS learning-management-system allows Retrieve Embedded Sensitive Data.This issue affects Masteriyo - LMS: from n/a through = 2.0.3...

EUVD-2025-203364

The FluentAuth – The Ultimate Authorization & Security Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's fluentauthresetpassword shortcode in all versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping o...

CVE-2025-64714

CVE-2025-64714 affects PrivateBin. When templateselection is enabled, an unauthenticated Local File Inclusion can occur via the template cookie, allowing inclusion of PHP files and potential data exposure or remote code execution if a crafted file exists. Affected versions are 1.7.7 up to and inc...

EUVD-2025-35993

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Konstantin Pankratov Date counter date-counter allows Stored XSS.This issue affects Date counter: from n/a through = 2.0.3...

WordPress plugin Read More Login Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerabilit...

PT-2024-14134 · Pixelemu · Terraclassifieds

Name of the Vulnerable Software and Affected Versions: TerraClassifieds versions through 2.0.3 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability in Pixelemu TerraClassifieds. Recommendations: For versions through 2.0.3, update to a version later than 2.0.3 to resolve the...

WordPress plugin Wp Ultimate Review 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

Urbandroid Sleep 安全漏洞

Urbandroid Sleep is an app from Urbandroid Inc. which is used to track the sleep of customers. A security vulnerability exists in Urbandroid Sleep version v.20230303 that originates from an unauthorized application causing a persistent denial of service by manipulating the SharedPreference file...

WordPress 插件 SQL注入漏洞

The WordPress plugin uListing is a directory and listing plugin based on Vue.js. A SQL injection vulnerability exists in the custom parameter of the WordPress plugin uListing 2.0.3 and earlier versions. No details of the vulnerability are currently available...