36 matches found
1g6table (=0.1.0), 7qb (=0.0.17) +1258 more potentially affected by unknown CVE via @antv/dom-util (>=2.0.2 <=2.0.4)
@antv/dom-util NPM version =2.0.2, =1.1.0, =0.1.1, =0.1.1, =0.1.0, =0.0.2, =0.1.2, =1.0.0, =0.2.0, =1.1.15, =1.0.4, =2.1.0 - @alifd/ice-devtools =1.1.14-beta.4 and more Source cves: unknown CVE Source advisory: OSV:MAL-2026-3873...
CVE-2026-42290
protobufjs-cli is the command line add-on for protobuf.js. Prior to 1.2.1 and 2.0.2, pbts invoked JSDoc by building a shell command string from input file paths and executing it through childprocess.exec. File paths containing shell metacharacters could therefore be interpreted by the shell inste...
Tubitak Ulakbim LiderAhenk Software 访问控制错误漏洞
Tubitak Ulakbim LiderAhenk Software is an open-source software system developed by the Turkish National Academic Network and Knowledge Center Tubitak Ulakbim. It is used for centralized management, monitoring, and control of systems and users on enterprise networks. In versions 2.0.1 to 2.0.2 of...
CVE-2026-4513 vanna-ai vanna base.py ask sql injection
A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function ask of the file vanna\legacy\base\base.py. Performing a manipulation results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used. T...
PT-2026-1574
Name of the Vulnerable Software and Affected Versions iPaymu Payment Gateway for WooCommerce plugin for WordPress versions up to and including 2.0.2 Description The iPaymu Payment Gateway for WooCommerce plugin for WordPress is susceptible to missing authentication. This occurs because the plugin...
WordPress Live Composer plugin <= 2.0.2 - Authenticated (Contributor+) PHP Object Injection via dslc_module_posts_output Shortcode vulnerability
Authenticated Contributor+ PHP Object Injection via dslcmodulepostsoutput Shortcode vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Page Builder: Live Composer versions = 2.0.2...
WordPress Gift Hunt plugin <= 2.0.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by LIM MINHYOEK in WordPress Plugin Gift Hunt versions = 2.0.2...
EUVD-2025-202022
Missing Authorization vulnerability in mmattax Formstack Online Forms formstack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Formstack Online Forms: from n/a through = 2.0.2...
WordPress plugin Formstack Online Forms 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A security...
PT-2025-38822
Name of the Vulnerable Software and Affected Versions WPFactory Helpdesk Support Ticket System for WooCommerce versions through 2.0.2 Description The software contains a flaw related to missing authorization, allowing exploitation of incorrectly configured access control security levels...
WordPress Aitasi Coming Soon Plugin <= 2.0.2 - Deserialization of untrusted data Vulnerability
Deserialization of untrusted data Vulnerability discovered by Drew / mcdruid in WordPress Plugin Aitasi Coming Soon versions = 2.0.2...
Linux Distros Unpatched Vulnerability : CVE-2022-30321
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - go-getter up to 1.5.11 and 2.0.2 allowed arbitrary host access via go-getter path traversal, symlink processing, and command injection flaws. Fixed in 1.6.1 and...
WordPress Easy restaurant menu manager plugin <= 2.0.2 - Cross-Site Request Forgery to Menu Upload vulnerability
Cross-Site Request Forgery to Menu Upload vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Easy pdf restaurant menu upload versions = 2.0.2...
Yifang CMS 安全漏洞
Yifang CMS is a PHP enterprise website development and construction management system from China Yifang Company. A security vulnerability exists in Yifang CMS 2.0.2 and earlier versions, which stems from a cross-site scripting attack due to incorrect operation of the parameter Default Value...
CVE-2025-32626
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in JoomSky JS Job Manager js-jobs allows SQL Injection.This issue affects JS Job Manager: from n/a through = 2.0.2...
CVE-2024-33628
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in XforWooCommerce allows PHP Local File Inclusion.This issue affects XforWooCommerce: from n/a through 2.0.2...
PT-2025-5433 · Ukrsolution · Ukrsolution Barcode Generator For Woocommerce
Name of the Vulnerable Software and Affected Versions: UkrSolution Barcode Generator for WooCommerce versions 2.0.2 and earlier Description: The issue allows for the retrieval of embedded sensitive data due to the insertion of sensitive information into sent data. Recommendations: For versions...
WordPress plugin Tabs Shortcode 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2024-10135 · Drupal · Drupal Browser Back Button
Name of the Vulnerable Software and Affected Versions: Drupal Browser Back Button versions 1.0.0 through 2.0.2 Description: The issue is related to improper neutralization of input during web page generation, which allows Cross-Site Scripting XSS. This can enable a remote attacker to conduct...
08cms (=1.0.0), @artdotstyle/filepix (>=1.0.10 <=1.0.11) +427 more potentially affected by CVE-2024-21523 via images (>=2.0.2 <=3.2.4)
images NPM version =2.0.2, =1.0.10, =1.1.2, =0.0.1, =0.1.0, =1.0.1, =1.4.0, =1.1.2, =1.1.8, =0.4.0, =0.6.2 and more Source cves: CVE-2024-21523 Source advisory: SNYK:JS-IMAGES-6421826...