8 matches found
CVE-2026-42031
CKAN is an open-source DMS data management system for powering data hubs and data portals. Prior to 2.10.10 and 2.11.5, a vulnerability in datastoresearchsql allowed attackers to inject SQL in order to gain access to private resources and PostgreSQL system information This vulnerability is fixed ...
WordPress Plugin Web Accessibility By accessiBe 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based...
i-Educar 安全漏洞
i-Educar is a free educational software from Portábilis Open Source. A security vulnerability exists in i-Educar version 2.10 and earlier, which stems from a SQL injection due to the incorrect operation of the parameter refcodaluno in the file educarhistoricoescolarlst.php...
Portabilis i‑Diário 安全漏洞
Portabilis i-Diário is an open source school academic calendar and teacher interaction management system from Portabilis, Brazil. A security vulnerability exists in Portabilis i-Diário version 2.10 and earlier, which stems from a SQL injection attack due to incorrect manipulation of the parameter...
WordPress amr personalise plugin <= 2.10 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by SOPROBRO in WordPress Plugin amr personalise versions = 2.10...
Cisco Common Services Platform Collector 跨站脚本漏洞
Cisco Common Services Platform Collector CSPC is a common services platform data collector from Cisco USA. The product analyzes network performance and identifies risks and vulnerabilities by polling basic inventory and configuration data from Cisco devices.Cisco Common Services Platform Collecto...
Faad2 缓冲区错误漏洞
Freeware Advanced Audio Decoder 2 FAAD2 is an open source MPEG-4 and MPEG-2 AAC decoder licensed under the GPLv2 license. ltprediction function in ltpredict.c in FAAD2 2.10.0 and earlier versions is vulnerable to a heap buffer overflow vulnerability. An attacker could exploit this vulnerability t...
libpurple: invalid UTF-8 string handling in SILC messages
The gmarkupescapetext function in the SILC protocol plug-in in libpurple 2.10.0 and earlier, as used in Pidgin and possibly other products, allows remote attackers to cause a denial of service crash via invalid UTF-8 sequences that trigger use of invalid pointers and an out-of-bounds read, relate...