13 matches found
WordPress plugin ProLingua 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
EUVD-2026-9671
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX DroneX dronex allows PHP Local File Inclusion.This issue affects DroneX: from n/a through = 1.1.12...
CVE-2026-28024
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Helion helion allows PHP Local File Inclusion.This issue affects Helion: from n/a through = 1.1.12...
CVE-2026-28009
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX DroneX dronex allows PHP Local File Inclusion.This issue affects DroneX: from n/a through = 1.1.12...
WordPress plugin DroneX 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress plugin Green Thumb 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
Unity Linux 20.1070e Security Update: nodejs-brace-expansion (UTSA-2025-984691)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-984691 advisory. A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function...
TencentOS Server 4: nodejs-nodemon (TSSA-2025:0644)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0644 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
SUSE CVE-2025-5889
A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely...
AZL-63689 CVE-2025-5889 affecting package js-jquery 3.5.0-4
A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely...
AZL-63707 CVE-2025-5889 affecting package nodejs-nodemon 2.0.3-4
A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely...
PT-2024-35286 · Unknown · Buying Buddy Idx Crm
Name of the Vulnerable Software and Affected Versions: Buying Buddy IDX CRM versions 1.1.12 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Object Injection in Buying Buddy IDX CRM. Recommendations: For versions 1.1.12 and earlier, update to a...
PT-2023-23431 · Fuxa · Fuxa
Name of the Vulnerable Software and Affected Versions: FUXA versions 1.1.12 and earlier Description: The issue allows for Local File Inclusion via the "/api/download" API endpoint. This could potentially be exploited to access sensitive files on the system. Recommendations: For versions 1.1.12 an...