7 matches found
CVE-2011-10022
CVE-2011-10022 concerns SPlayer up to version 3.7, vulnerable to a stack-based buffer overflow while processing an HTTP response with an overly long Content-Type header. The underlying cause is improper bounds checking on the header value, allowing an attacker to overwrite the Structured Exceptio...
CVE-2025-22349
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Marka WordPress Auction Plugin wp-auctions allows SQL Injection.This issue affects WordPress Auction Plugin: from n/a through = 3.7...
PT-2022-19381 · Jenkins · Jenkins Jira Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Jira Plugin versions 3.7 and earlier, except version 3.6.1 Description: The issue is related to a stored cross-site scripting XSS vulnerability. It occurs because the Jenkins Jira Plugin does not escape the name and description of Jir...
Spree Authorization Bypass Vulnerability
Spree is a personal developer of an open source mall developed using Ruby on Rails. A security vulnerability exists in Spree versions 3.7 through 3.7.13, 4.0.5, and 4.1.12, which stems from an authorization bypass vulnerability. An attacker can exploit the vulnerability to query the API v2 order...
Unspecified vulnerability in Moodle (CNVD-2019-43886)
Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle versions 3.7 through 3.7.2 and 3.6 through 3.6.6, which stems from a failure of the Email med...
PT-2019-5214 · WordPress · Wordpress
Name of the Vulnerable Software and Affected Versions: WordPress versions 3.7 through 5.3 Description: The issue is related to a cross-site scripting XSS error in the block editor of the WordPress content management system. This error can be exploited by authorized users using a specific payload,...
Puppet Enterprise console session vulnerability
Puppet is a set of configuration management tools based on client/server C/S architecture from Puppet Labs in the U.S. It can be used to manage configuration files, users, cron tasks, packages, system services, etc. Puppet Enterprise is an enterprise version. console is one of the console tools. ...