CVE-2025-61786

Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user do not have explic...

WordPress EventON plugin <= 2.2.15 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting and Plugin Settings Updates vulnerability

Missing Authorization to Unauthenticated Stored Cross-Site Scripting and Plugin Settings Updates vulnerability discovered by Lucio Sá in WordPress Plugin EventON versions = 2.2.15...

PT-2022-11348 · Unknown · Cms Made Simple

Name of the Vulnerable Software and Affected Versions: CMS Made Simple versions 2.2.15 and earlier Description: The issue concerns SQL injection in the modules/News/function.admin articlestab.php file. Specifically, the $sortby variable is concatenated with $query1, allowing for the injection of...

CMS Made Simple SQL注入漏洞

CMS Made Simple CMSMS is an open source content management system CMS by Cmsms team. The system supports role-based permission management system , wizard-based installation and update mechanism , intelligent caching mechanism and so on. A security vulnerability exists in CMS Made Simple version...