CVE-2026-41551

ROS# vulnerability CVE-2026-41551 affects all versions

CVE-2026-41551

A vulnerability has been identified in ROS All versions V2.2.2. Affected versions contain a path traversal vulnerability because user input is not properly sanitized. This could allow a remote attacker to access arbitrary files on the device...

mosparo Cross-Site Request Forgery Vulnerability

mosparo is modern spam protection. A cross-site request forgery vulnerability exists in mosparo versions prior to 2.2.2, which stems from a cross-site request forgery vulnerability in the logout feature...

Modoboa Cross-Site Scripting Vulnerability

modoboa is an email hosting and management platform for individual developers. A cross-site scripting vulnerability exists in versions prior to modoboa 2.2.2, which originated at https://demo.modoboa.org/user/profile/中存在跨站脚本漏洞...

PT-2023-6576 · WordPress · Aajoda Testimonials

Name of the Vulnerable Software and Affected Versions: Aajoda Testimonials WordPress plugin versions prior to 2.2.2 Description: The issue is related to the lack of sanitization and escaping of some settings in the Aajoda Testimonials WordPress plugin, which could allow high-privilege users, such...

PT-2023-16800 · Mlflow · Mlflow

Name of the Vulnerable Software and Affected Versions: mlflow versions prior to 2.2.2 Description: The issue is related to an Absolute Path Traversal in the GitHub repository mlflow/mlflow. Recommendations: For versions prior to 2.2.2, update to version 2.2.2 or later to resolve the issue...

Gotify 跨站脚本漏洞

Gotify is a simple server to send and receive messages. A cross-site scripting vulnerability exists in Gotify server versions prior to 2.2.2, which stems from an XSS vulnerability that allows an authenticated user to upload an html file, which allows an attacker to execute client-side script and...

PT-2023-24094 · Gpac +1 · Gpac +1

Name of the Vulnerable Software and Affected Versions: gpac/gpac versions prior to 2.2.2 Description: A Heap-based Buffer Overflow issue has been identified. The estimated number of potentially affected devices worldwide is not available. There is no information about real-world incidents where...

ATutor LMS install_modules.php CSRF Remote Code Execution Vulnerability

ATutor is an open source Web-based learning content management system LCMS developed by the ATutor team. The system includes teaching content management, forums, chat rooms and other modules. A cross-site request forgery vulnerability exists in the installmodules.php file in versions prior to...

CVE-2013-2111

The IMAP functionality in Dovecot before 2.2.2 allows remote attackers to cause a denial of service infinite loop and CPU consumption via invalid APPEND parameters...