5 matches found
SUSE CVE-2026-44059
A race condition in the privilege toggle mechanism in Netatalk 2.2.5 through 4.4.2 allows a local attacker to obtain limited information, modify limited data, or cause a minor service disruption...
CVE-2025-60101
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in duongancol Woostify woostify allows Stored XSS.This issue affects Woostify: from n/a through = 2.4.2...
YunzMall 安全漏洞
YunzMall is an e-commerce solution from the Chinese company YunzMall. A security vulnerability exists in YunzMall 2.4.2 and earlier versions, which stems from a manipulation of the parameter pwd that can lead to weakened password recovery...
CVE-2022-26650
In Apache ShenYui, ShenYu-Bootstrap, RegexPredicateJudge.java uses Pattern.matchesconditionData.getParamValue, realData to make judgments, where both parameters are controllable by the user. This can cause an attacker pass in malicious regular expressions and characters causing a resource...
Zend Framework XML External Entity Injection Vulnerability
Zend Framework ZF is the United States Zend company developed a set of open source PHP5 development framework , it is mainly used for the development of Web programs and services. An XML external entity injection vulnerability exists in ZF versions 2.4.2 and earlier and 1.12.13 and earlier. An...