WordPress plugin Independent Analytics 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2026-25775

A vulnerability in SenseLive X3050’s remote management service allows firmware retrieval and update operations to be performed without authentication or authorization. The service accepts firmware-related requests from any reachable host and does not verify user privileges, integrity of uploaded...

EUVD-2026-25362

A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or authorization on the SenseLive config application. The service accepts management connections from any reachable host, enabling unrestricted...

PT-2026-34810

Name of the Vulnerable Software and Affected Versions SenseLive X3050 affected versions not specified Description The embedded management service in the SenseLive config application lacks authentication and authorization. This allows any reachable host to establish full administrative control and...

Malicious code in clean-order (npm)

The package 'clean-order' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

OpenProject 代码问题漏洞

OpenProject is an open-source web-based project management software. Versions of OpenProject prior to 17.2.0 had code vulnerabilities. These vulnerabilities stemmed from SMTP test endpoints and Webhooks, which allowed any host and port value to be accepted, potentially leading to internal network...

Malicious code in testdir12345 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9495556846ded2e31945f35514295ac0e4d08659ae81b7dfa225a399fa3522e3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

PT-2018-2191 · D Link · D-Link Central Wifimanager Cwm-100

Name of the Vulnerable Software and Affected Versions: D-Link Central WiFiManager CWM-100 version 1.03 r0098 Description: The issue concerns the MailConnect feature, which is supposed to check connections to an SMTP server but actually allows outbound TCP to any port on any IP address. This leads...

Snort 2 - DCE/RPC Preprocessor Buffer Overflow (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Snort 2 DCE/RPC preprocessor Buffer...