10 matches found
CVE-2026-14894
The Super Forms – Drag & Drop Form Builder plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 6.3.313 via the submitform function. This is due to missing file type validation and the absence of any capability check on the submitform nopriv AJAX...
CVE-2023-49849
Missing Authorization vulnerability in vaakash Shortcoder shortcoder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shortcoder: from n/a through = 6.3...
EUVD-2025-32912
Malicious code in v0-components npm...
CVE-2023-28125
An improper authentication vulnerability exists in Avalanche Premise versions 6.3.x and below that could allow an attacker to gain access to the server by registering to receive messages from the server and perform an authentication bypass...
CVE-2023-22689
Cross-Site Request Forgery CSRF vulnerability in Lucian Apostol Auto Affiliate Links plugin = 6.3 versions...
Ivanti Avalanche 竞争条件问题漏洞
Ivanti Avalanche is an enterprise mobile device management system from Ivanti, USA. The system is primarily used to manage devices such as smartphones, tablets and barcode scanners. A security vulnerability exists in Ivanti Avalanche version 6.3.x and prior versions. An attacker could exploit the...
JAL Information Technology PALLET CONTROL Access Control Error Vulnerability
JAL Information Technology PALLET CONTROL is a suite of IT asset management software from JAL Information Technology in Japan. An access control error vulnerability exists in JAL Information Technology PALLET CONTROL version 6.3 and earlier. An attacker can exploit this vulnerability to execute...
CVE-2018-4930
Adobe Experience Manager versions 6.3 and earlier have an exploitable Cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure...
CVE-2017-3469
Vulnerability in the MySQL Workbench component of Oracle MySQL subcomponent: Workbench: Security : Encryption. Supported versions that are affected are 6.3.8 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise...
VulnCheck KEV: CVE-2015-7756
The encryption implementation in Juniper ScreenOS 6.2.0r15 through 6.2.0r18, 6.3.0r12 before 6.3.0r12b, 6.3.0r13 before 6.3.0r13b, 6.3.0r14 before 6.3.0r14b, 6.3.0r15 before 6.3.0r15b, 6.3.0r16 before 6.3.0r16b, 6.3.0r17 before 6.3.0r17b, 6.3.0r18 before 6.3.0r18b, 6.3.0r19 before 6.3.0r19b,...