5 matches found
PT-2026-50811
Name of the Vulnerable Software and Affected Versions pgAdmin 4 versions 9.13 through 9.15 Description A read-only transaction bypass exists in the pgAdmin 4 AI Assistant, allowing an attacker who can influence database content read by the assistant to execute arbitrary SQL with the privileges of...
CVE-2025-14061 Cookie Banner, Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) : WP Cookie Consent <= 4.0.7 - Missing Authorization to Unauthenticated Arbitrary Post Deletion
The Cookie Banner, Cookie Consent, Consent Log, Cookie Scanner, Script Blocker for GDPR, CCPA & ePrivacy : WP Cookie Consent plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check on the gdprdeletepolicydata function in all versions up to, and...
WordPress Email Template Designer – WP HTML Mail 3.0.9 Cross Site Scripting Vulnerability
WordPress Email Template Designer – WP HTML Mail plugin versions 3.0.9 and below suffer from a cross site scripting vulnerability. Exploit makes it possible for unauthenticated attackers to achieve complete site takeover. On December 23, 2021 the Wordfence Threat Intelligence team initiated the...
Oracle JDK/JRE: Multiple vulnerabilities
Background Java Platform, Standard Edition Java SE lets you develop and deploy Java applications on desktops and servers, as well as in today’s demanding embedded environments. Java offers the rich user interface, performance, versatility, portability, and security that today’s applications...
[waraxe-2007-SA#051] - Sql Injection in 2z Project 0.9.5
waraxe-2007-SA051 - Sql Injection in 2z Project 0.9.5 ==================================================================== Author: Janek Vind "waraxe" Date: 23. May 2007 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-51.html Target software description: Vulnerable: 2z Project 0.9.5...