6 matches found
CVE-2025-13984 Next.js - Critical - Access bypass - SA-CONTRIB-2025-122
Permissive Cross-domain Security Policy with Untrusted Domains vulnerability in Drupal Next.Js allows Cross-Site Scripting XSS.This issue affects Next.Js: from 0.0.0 before 1.6.4, from 2.0.0 before 2.0.1...
CVE-2025-59556
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in skygroup GoStore gostore allows Reflected XSS.This issue affects GoStore: from n/a through 1.6.4...
CVE-2025-58964
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in skygroup Enzy enzy allows Reflected XSS.This issue affects Enzy: from n/a through 1.6.4...
PT-2025-45249
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in skygroup Enzy enzy allows Reflected XSS.This issue affects Enzy: from n/a through 1.6.4...
PT-2023-18404 · Tribe29 · Tribe29 Checkmk Appliance
Name of the Vulnerable Software and Affected Versions: Tribe29 Checkmk Appliance versions prior to 1.6.4 Description: The issue allows authenticated site users to escalate privileges due to incorrectly set permissions. Recommendations: For versions prior to 1.6.4, update to version 1.6.4 or later...
WordPress Plugin ReviewX WordPress SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin ReviewX WordPress...