5 matches found
PT-2026-48738
Name of the Vulnerable Software and Affected Versions OpenClaw versions prior to 2026.5.6 Description An approval policy bypass exists in the Skill Workshop apply flow. This issue allows agent tool calls to set the apply variable to true even when the approvalPolicy is configured as pending. An...
CVE-2026-2670
Affected product/versions: Advantech WISE-6610 (1.2.1_20251110). Vulnerable component/file: /cgi-bin/luci/admin/openvpn_apply in the Background Management module. Root cause / condition: Manipulation of the argument delete_file enables an OS command injection. Impact: Remote execution possible wi...
CVE-2022-38539
Archery v1.7.5 to v1.8.5 was discovered to contain a SQL injection vulnerability via the where parameter at /archive/apply...
CVE-2025-8921
A vulnerability has been found in code-projects Job Diary 1.0. Affected by this issue is some unknown functionality of the file /user-apply.php. The manipulation of the argument jobtitle leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and...
CVE-2025-8921
Code-Projects Job Diary 1.0 is affected by a SQL injection in /user-apply.php via the job_title parameter. Several connected documents confirm remote exploitation and public disclosure of the exploit. The exact vulnerable functionality is unknown beyond that the issue arises in /user-apply.php. R...