19 matches found
CVE-2026-32415
Path Traversal: '.../...//' vulnerability in Bogdan Bendziukov Squeeze squeeze allows Path Traversal. This issue affects Squeeze: from n/a through <= 1.7.7...
CVE-2026-28105
Deserialization of Untrusted Data vulnerability in ThemeREX Good Energy goodenergy allows Object Injection. This issue affects Good Energy: from n/a through <= 1.7.7...
CVE-2026-28105 WordPress Good Energy theme <= 1.7.7 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in ThemeREX Good Energy goodenergy allows Object Injection. This issue affects Good Energy: from n/a through <= 1.7.7...
WordPress plugin Good Energy security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
Incorrect Authorization
Overview: Affected versions of this package are vulnerable to Incorrect Authorization via the GetConfig and RefreshResource API endpoints. An attacker can access sensitive configuration data or trigger excessive reconciliations by sending requests with any non-empty Bearer token in the Authorizati...
PT-2026-1473
Name of the Vulnerable Software and Affected Versions: VanKarWai Calafate versions through 1.7.7 Description: The software contains a flaw related to improper control of filename handling for include/require statements, leading to a PHP Local File Inclusion issue. This allows for the inclusion of...
EyouCMS cross-site scripting vulnerability
EyouCMS is an open source content management system (CMS) based on ThinkPHP by China Eyou Eyou Company. A cross-site scripting vulnerability exists in EyouCMS 1.7.7 and earlier versions, which stems from incorrect manipulation of the parameter content in the file application/home/model/Ask.php, whi...
UTT 512W security vulnerability
The UTT Progressive 512W is an enterprise-grade wireless router from Atech UTT designed for small and medium-sized businesses SOHO and similarly sized network environments for access scenarios of 30 to 50 users. UTT Progressive 512W suffers from a buffer overflow vulnerability that originates fro...
UTT 512W security vulnerability
The UTT Progressive 512W is an enterprise-grade wireless router from Atech UTT designed for small and medium-sized businesses SOHO and similarly sized network environments for access scenarios of 30 to 50 users. UTT Progressive 512W suffers from a buffer overflow vulnerability that originates fro...
UTT 512W buffer error vulnerability
The UTT Progressive 512W is an enterprise-grade wireless router from Atech UTT designed for small and medium-sized businesses SOHO and similarly sized network environments for access scenarios of 30 to 50 users. The UTT Progress 512W suffers from a memory corruption vulnerability that originates...
EUVD-2025-36556
PrivateBin is an online pastebin where the server has zero knowledge of pasted data. Versions 1.7.7 through 2.0.1 allow persistent HTML injection via the unsanitized attachment filename attachmentname when attachments are enabled. An attacker can modify attachmentname before encryption so that,...
CVE-2025-62796 PrivateBin persistent HTML injection in attachment filename enables redirect and defacement
PrivateBin is an online pastebin where the server has zero knowledge of pasted data. Versions 1.7.7 through 2.0.1 allow persistent HTML injection via the unsanitized attachment filename attachmentname when attachments are enabled. An attacker can modify attachmentname before encryption so that,...
PT-2024-36176 · Inspireui · Inspireui Listapp Mobile Manager
Name of the Vulnerable Software and Affected Versions: InspireUI ListApp Mobile Manager versions 1.7.7 and earlier Description: The issue is related to an Authentication Bypass Using an Alternate Path or Channel, which allows unauthorized access. Recommendations: For versions 1.7.7 and earlier,...
CVE-2024-43212
Missing Authorization vulnerability in MagePeople Team WpTravelly allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WpTravelly: from n/a through 1.7.7...
academic-chatgpt (>=0.3.0 <=0.4.1), africanwhisper (>=0.2.1 <=0.9.0) +318 more potentially affected by CVE-2024-47872 via gradio (>=1.7.7 <=4.8.0)
gradio PYPI version =1.7.7, =0.3.0, =0.2.1, =0.1.5, =0.0.6, =0.0.1, =0.1.0, =0.8.11, =0.4.0, =0.0.4, =0.7.0.dev134, =0.7.0.dev143 - anymodality =0.1.0 - apillava =0.1.0 and more Source cves: CVE-2024-47872 Source advisory: OSV:PYSEC-2024-220...
academic-chatgpt (>=0.3.0 <=0.4.1), africanwhisper (>=0.2.1 <=0.9.0) +318 more potentially affected by CVE-2024-47867 via gradio (>=1.7.7 <=4.8.0)
gradio PYPI version =1.7.7, =0.3.0, =0.2.1, =0.1.5, =0.0.6, =0.0.1, =0.1.0, =0.8.11, =0.4.0, =0.0.4, =0.7.0.dev134, =0.7.0.dev143 - anymodality =0.1.0 - apillava =0.1.0 and more Source cves: CVE-2024-47867 Source advisory: OSV:PYSEC-2024-216...
PT-2024-27661 · Unknown · Simple Post Notes
Name of the Vulnerable Software and Affected Versions: Simple Post Notes versions n/a through 1.7.7 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Stored XSS attacks. Recommendations: For...
WordPress plugin Pie Register security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...
PT-2024-24394 · Unknown · Digital Publications By Supsystic
Name of the Vulnerable Software and Affected Versions: Supsystic Digital Publications versions 1.7.7 and earlier Description: A Cross-Site Request Forgery (CSRF) issue affects the software, allowing unauthorized actions to be performed on behalf of a user without their knowledge or consent...