PT-2025-46801

Missing Authorization vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frontend File Manager: from n/a through = 23.2...

CVE-2025-57921

Missing Authorization vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frontend File Manager: from n/a through = 23.3...

CVE-2025-21557

Vulnerability in Oracle Application Express component: General. Supported versions that are affected are 23.2 and 24.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Application Express. Successful attacks require human interacti...

PT-2025-4278 · Oracle · Oracle Application Express

Name of the Vulnerable Software and Affected Versions: Oracle Application Express versions 23.2 through 24.1 Description: The issue is related to insufficient authorization procedure in the General component of Oracle Application Express. It allows a low-privileged attacker with network access vi...

Oracle Application Express 安全漏洞

Oracle Application Express is a low-code development platform from Oracle Corporation USA. A security vulnerability exists in Oracle Application Express version 23.2 and version 24.1. An attacker could exploit the vulnerability to update, insert, or delete portions of Oracle Application Express...

PT-2024-7157 · Oracle · Oracle Application Express

Name of the Vulnerable Software and Affected Versions: Oracle Application Express versions 23.2 through 24.1 Description: The issue is related to insufficient input validation in the General component of Oracle Application Express. It allows a low-privileged attacker with network access via HTTP ...

Wordpress Bookly plugin <= 23.2 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Color Profile Parameter vulnerability

Authenticated Subscriber+ Stored Cross-Site Scripting via Color Profile Parameter vulnerability discovered by 0xBishop in WordPress Plugin Bookly versions = 23.2...

OpenText AppBuilder Security Vulnerability

OpenText AppBuilder is an application from OpenText Canada. A security vulnerability exists in OpenText AppBuilder versions 21.2 through 23.2 that stems from improper input validation and allows operating system command injection...

PT-2024-13246 · Opentext · Opentext Appbuilder

Name of the Vulnerable Software and Affected Versions: OpenText AppBuilder versions 21.2 through 23.2 Description: The issue allows an unauthenticated or authenticated user to abuse a page of AppBuilder to read arbitrary files on the server. This is due to improper input validation, making files ...

PT-2024-13247 · Opentext · Opentext Appbuilder

Name of the Vulnerable Software and Affected Versions: OpenText AppBuilder versions 21.2 through 23.2 Description: The issue is related to improper input validation in the OpenText AppBuilder's Scheduler functionality, which allows authenticated users to inject arbitrary operating system commands...