15 matches found
CVE-2026-3528 Calculation Fields - Moderately critical - Cross-site Scripting - SA-CONTRIB-2026-023
Improper Neutralization of Input During Web Page Generation "Cross-site Scripting" vulnerability in Drupal Calculation Fields allows Cross-Site Scripting XSS.This issue affects Calculation Fields: from 0.0.0 before 1.0.4...
CVE-2025-62034
Incorrect Privilege Assignment vulnerability in uxper Togo togo.This issue affects Togo: from n/a through 1.0.4...
EUVD-2025-38087
Incorrect Privilege Assignment vulnerability in uxper Togo togo.This issue affects Togo: from n/a through 1.0.4...
PT-2025-45300
Name of the Vulnerable Software and Affected Versions uxper Togo versions prior to 1.0.4 Description A missing authorization issue exists in uxper Togo. Recommendations Update to version 1.0.4 or later...
PT-2025-45301
Name of the Vulnerable Software and Affected Versions uxper Togo versions prior to 1.0.4 Description An incorrect privilege assignment issue exists in uxper Togo togo. The issue involves improper access control, potentially allowing unauthorized actions. Recommendations Update uxper Togo to versi...
WordPress plugin Togo 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
Claude Code 操作系统命令注入漏洞
Claude Code is an open source proxy coding tool from Anthropic. An operating system command injection vulnerability exists in versions of Claude Code prior to 1.0.4, which stems from an overly broad list of allowed security commands that could lead to unacknowledged file reads and network transfe...
Drupal Config Pages Viewer 安全漏洞
Drupal Config Pages Viewer is a configuration viewer for the Drupal community. A security vulnerability exists in Drupal Config Pages Viewer versions prior to 1.0.4, which stems from a lack of authentication for critical functions and could lead to improper access control...
PT-2023-16494 · Answerdev · Answer
Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to 1.0.4 Description: The issue is related to Cross-site Scripting XSS - DOM, which allows an attacker to execute malicious scripts in the context of a user's session. This can lead to unauthorized actions on...
PT-2023-1380 · Answer · Answer
Name of the Vulnerable Software and Affected Versions: answerdev/answer versions prior to 1.0.4 Description: The issue is related to improper access control in the password reset procedure of the answer knowledge sharing service. This can allow a remote attacker to gain unauthorized access to...
PT-2022-10232 · Unknown · Inikulin Replicator
Name of the Vulnerable Software and Affected Versions: inikulin replicator versions prior to 1.0.4 Description: A deserialization issue in the inikulin replicator allows remote attackers to run arbitrary code via the fromSerializable function in the TypedArray object. Recommendations: For version...
MyGraph 跨站脚本漏洞
MyGraph is renlm individual developers an integrated permissions management system, unified user authentication center, real-time dynamic gateway agent and online document management and many other powerful features in one of the backend system development template. A security vulnerability exist...
PT-2021-15438 · Unknown · Nested-Object-Assign
Name of the Vulnerable Software and Affected Versions: nested-object-assign versions prior to 1.0.4 Description: The issue concerns Prototype Pollution via the default function. Recommendations: For versions prior to 1.0.4, update to version 1.0.4 or later to resolve the issue...
websocket-extensions denial of service vulnerability
websocket-extensions is an open source WebSocket generic extension manager . A security vulnerability exists in websocket-extensions npm versions prior to 1.0.4. An attacker can exploit this vulnerability to cause a denial of service with the Sec-WebSocket-Extensions header...
Irssi Denial of Service Vulnerability (CNVD-2017-22565)
Irssi is a free, open source IRC client for use in Linux and Unix operating systems. A security vulnerability exists in versions of Irssi prior to 1.0.4. An attacker can exploit this vulnerability to cause a denial of service null pointer backreference...