10 matches found
Dockyard 访问控制错误漏洞
Dockyard is a lightweight Docker container management web interface developed by Ismail as an individual developer. Versions of Dockyard prior to 1.1.0 contained an access control vulnerability. This vulnerability stemmed from the fact that Docker container startup and shutdown operations were...
CVE-2017-18555
The booking-sms plugin before 1.1.0 for WordPress has XSS...
PT-2025-34709
Name of the Vulnerable Software and Affected Versions: TP-Link KP303 Smartplug versions prior to 1.1.0 Description: The TP-Link KP303 Smartplug is susceptible to unauthenticated protocol commands that can lead to an unintended power-off condition and potential information leak. Recommendations:...
Drupal Block Attributes 安全漏洞
Drupal Block Attributes is a configuration interface plugin for the Drupal community. A security vulnerability exists in Drupal Block Attributes versions prior to 1.1.0 and prior to 2.0.1, which stems from improper input neutralization during page generation and could lead to a cross-site scripti...
Drupal Block Attributes module < 1.1.0,2.0.0 - Unauthenticated Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS vulnerability discovered by Pierre Rudloff prudloff in WordPress Module Block Attributes versions 1.1.0,2.0.0...
PT-2023-23724 · Unknown · Cloudexplorer Lite
Name of the Vulnerable Software and Affected Versions: CloudExplorer Lite versions prior to 1.1.0 Description: The issue is related to a missing permission check on the user profile in CloudExplorer Lite, an open source cloud management tool. This allows users to add themselves to any organizatio...
Uniswap Universal Router 安全漏洞
Universal Router is a Uniswap open source Uniswap Universal Router for NFT and ERC20 switching from Uniswap Labs. A security vulnerability exists in Uniswap Universal Router versions prior to 1.1.0 that stems from incorrect handling of data...
RegionProtect 参数注入漏洞
RegionProtect is a plugin. A security vulnerability exists in versions of RegionProtect prior to 1.1.0, which stems from a YAML injection issue in the application. An attacker can exploit the vulnerability by passing mismatched parameters to achieve denial of service attacks...
PT-2021-22653 · Unknown · Ipack Scada
Name of the Vulnerable Software and Affected Versions: Ipack SCADA Software versions prior to 1.1.0 Description: The issue is related to improper handling of parameters, allowing Blind SQL Injection. This can potentially be exploited to extract or modify sensitive data from the database...
Synology Chat Server-Side Request Forgery Vulnerability
Synology Chat is a live chat tool from Synology. link preview is one of the link preview components. A server-side request forgery vulnerability exists in link preview in Synology Chat versions prior to 1.1.0-0806. A remote attacker can exploit this vulnerability to gain access to internal...