14 matches found
EUVD-2026-16389
Improper Handling of Case Sensitivity vulnerability in Drupal OpenID Connect / OAuth client allows Privilege Escalation.This issue affects OpenID Connect / OAuth client: from 0.0.0 before 1.5.0...
Raytha CMS 安全漏洞
Raytha CMS is a content management system developed by the American company Raytha. Versions of Raytha CMS prior to 1.5.0 contained security vulnerabilities. These vulnerabilities stemmed from the password reset function’s user enumeration feature. Differences in messages might allow attackers to...
EUVD-2017-16665
Malware in sbrugna...
Mattermost Confluence Plugin has Missing Authorization vulnerability
Mattermost Confluence Plugin versions 1.5.0 fail to check user access to the channel, allowing attackers to create a channel subscription without proper access to the channel via an API call to the edit channel subscription endpoint...
CVE-2025-53857 Lack of Authorization on Get Channel Subscriptions for Autocomplete in Mattermost Confluence Plugin
Mattermost Confluence Plugin version 1.5.0 fails to check the access of the user to the channel which allows attackers to get channel subscription details without proper access to the channel via API call to the GET autocomplete/GetChannelSubscriptions endpoint...
PT-2025-32581 · WordPress · Mattermost Confluence Plugin
Name of the Vulnerable Software and Affected Versions: Mattermost Confluence Plugin versions prior to 1.5.0 Description: The Mattermost Confluence Plugin does not properly handle unexpected request bodies. Attackers can exploit this to crash the plugin by repeatedly sending invalid request bodies...
PT-2025-32576 · WordPress · Mattermost Confluence Plugin
Name of the Vulnerable Software and Affected Versions: Mattermost Confluence Plugin versions prior to 1.5.0 Description: The Mattermost Confluence Plugin is susceptible to a denial-of-service issue. Attackers can crash the plugin by repeatedly sending invalid request bodies to the update channel...
PT-2025-32580 · Mattermost · Mattermost Confluence Plugin
Name of the Vulnerable Software and Affected Versions: Mattermost Confluence Plugin versions prior to 1.5.0 Description: The Mattermost Confluence Plugin does not verify user access to Confluence spaces. This allows attackers to create subscriptions for Confluence spaces that a user does not have...
WordPress Media Library Tools plugin < 1.5.0 - Author+ Stored XSS via SVG vulnerability
Author+ Stored XSS via SVG vulnerability discovered by Bob Matyas in WordPress Plugin Media Library Tools versions 1.5.0...
AZL-64791 CVE-2024-33394 affecting package kubevirt for versions less than 1.5.0-2
An issue in kubevirt kubevirt v1.2.0 and before allows a local attacker to execute arbitrary code via a crafted command to get the token component...
Easy!Appointments 输入验证错误漏洞
Easy!Appointments is a web-based appointment and schedule management system. An input validation error vulnerability exists in versions of Easy!Appointments prior to 1.5.0, which originates from a redirect that opens up...
Open Media Player 跨站脚本漏洞
Open Media Player is a mainstream audio and video player service open-sourced by the IET at the OU. A cross-site scripting vulnerability exists in versions of Open Media Player prior to 1.5.0, which stems from the fact that incorrect manipulation of the parameter ttmlurl can lead to cross-site...
PT-2021-18239 · Hedgedoc · Hedgedoc
Name of the Vulnerable Software and Affected Versions: HedgeDoc versions prior to 1.5.0 Description: The issue affects HedgeDoc, an open-source collaborative markdown editor, where an attacker can receive arbitrary files from the file system when exporting a note to PDF. This exploit requires the...
CVE-2017-7689
A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all versions before 1.5.0...