CVE-2026-22850 Koko Analytics vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import

Koko Analytics is an open-source analytics plugin for WordPress. Versions prior to 2.1.3 are vulnerable to arbitrary SQL execution through unescaped analytics export/import and permissive admin SQL import. Unauthenticated visitors can submit arbitrary path pa and referrer r values to the public...

CVE-2025-53046

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems component: Analytics. The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle ZFS Storage Appliance Kit...

EUVD-2017-1838

Malware in sbrugna...

EUVD-2020-26787

Malware in sbrugna...

EUVD-2021-25323

Malware in sbrugna...

EUVD-2017-10799

Malware in sbrugna...

EUVD-2021-19581

Malware in sbrugna...

SICK AG Enterprise Analytics 安全漏洞

SICK AG Enterprise Analytics is a package analysis software from SICK AG, Germany. A security vulnerability exists in SICK AG Enterprise Analytics that stems from unvalidated POST request data that could result in logging of jumbo payloads...

EUVD-2023-54450

Malicious code in bioql PyPI...

EUVD-2024-17328

Malicious code in bioql PyPI...

EUVD-2023-39046

Malicious code in bioql PyPI...

EUVD-2024-18853

Malicious code in bioql PyPI...

PT-2025-40613

Zoho Office Suite holds an A security rating from UpGuard 829/950 as of 2025, with strong postures in encryption, SOC 2 Type II, and ISO 27001 compliance. Known issues include patched vulnerabilities like SQL injections CVE-2025-9428 in Analytics. No major breaches in 2025. It's ranked highly for...

CVE-2025-0917

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially...

CVE-2024-8662

The Koko Analytics plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg without appropriate escaping on the URL in all versions up to, and including, 1.3.12. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages...

CVE-2025-20256

A vulnerability in the web-based management interface of Cisco Secure Network Analytics Manager and Cisco Secure Network Analytics Virtual Manager could allow an authenticated, remote attacker with valid administrative credentials to execute arbitrary commands as root on the underlying operating...

Drupal Matomo Analytics Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Drupal Matomo Analytics allows Cross Site Request Forgery. This issue affects Matomo Analytics: from 0.0.0 before 1.24.0...

CVE-2025-1724

Affected products: Zohocorp’s ManageEngine Analytics Plus and Zoho Analytics on‑premise, versions older than 6130. Root cause: hardcoded sensitive token leading to an AD‑only account takeover. Impact: potential unauthorized AD account access; impact details are as described in the sources. Exploi...

CVE-2024-40693

IBM Planning Analytics 2.0 and 2.1 are vulnerable to a malicious file upload via the web interface due to lack of content validation. This could allow uploading executable files leading to compromise of victims. Remediation per IBM Security Bulletin: upgrade to IBM Planning Analytics Workspace re...

CVE-2025-23743

Cross-Site Request Forgery CSRF vulnerability in MartijnScheijbeler Social Analytics social-analytics allows Stored XSS.This issue affects Social Analytics: from n/a through = 0.2...