EUVD-2025-202701

A Cross-Site Request Forgery CSRF in the /admin/admin.inc.php component of EasyImages 2.0 v2.8.6 and below allows attackers to escalate privileges to Administrator via user interaction with a malicious web page...

EasyImages 安全漏洞

EasyImages is a thin wrapper on PIL by Jakub Cieslik individual developer. It is used for exploring, visualizing and sharing images. A security vulnerability exists in EasyImages 2.0 2.8.6 and earlier versions, which stems from cross-site request forgery and could lead to elevation of privilege...

CVE-2025-65471

CVE-2025-65471 affects EasyImages 2.0 up to v2.8.6, with an arbitrary file upload in /admin/manager.php that can lead to remote code execution via a crafted PHP upload. Root cause described as improper file upload handling. Public references from multiple feeds confirm the vulnerability; PT-Secur...

EasyImages 安全漏洞

EasyImages is a thin wrapper on PIL by Jakub Cieslik individual developer. It is used for exploring, visualizing and sharing images. A security vulnerability exists in EasyImages 2.0 2.8.6 and earlier versions, which stems from improper file renaming functionality and could lead to the execution ...

CVE-2025-66527

Missing Authorization vulnerability in VanKarWai Lobo lobo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lobo: from n/a through = 2.8.6...

PT-2025-49875

CVE-2025-66527 Missing Authorization vulnerability in VanKarWai Lobo lobo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lobo: from n/a t… https://t.co/PPje4l4kqr...

WordPress plugin Cost of Goods for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin EventPrime 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2023-31840 · WordPress · Uncode

Name of the Vulnerable Software and Affected Versions: Uncode - Creative & WooCommerce WordPress Theme versions 2.8.6 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. This...

PT-2023-24295 · Unknown · Eventprime

Name of the Vulnerable Software and Affected Versions: EventPrime plugin versions = 2.8.6 Description: The issue is related to an Unauth. Reflected XSS Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a website, potentially allowing them to ste...

CVE-2022-24715

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Authenticated users, with access to the configuration, can create SSH resource files in unintended directories, leading to the execution of arbitrary code. This issue has been resolved in versions 2.8.6...

ALPINE-CVE-2019-14856

ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None...

CVE-2019-14856

ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None...