13 matches found
Raytha CMS Cross-Site Request Forgery Vulnerability
Raytha CMS is a content management system developed by the American company Raytha. Versions of Raytha CMS prior to 1.4.6 contained a cross-site request forgery vulnerability. This vulnerability stemmed from multiple endpoints allowing cross-site request forgery, which could enable attackers to...
Raytha CMS Cross-Site Scripting Vulnerability
Raytha CMS is a content management system developed by the American company Raytha. Versions of Raytha CMS prior to 1.4.6 contained a cross-site scripting vulnerability. This vulnerability stemmed from the FieldValues1.Value parameter in the article editing function, which allowed for stored...
WordPress plugin VW School Education Security Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
EUVD-2022-1203
Malicious code in bioql PyPI...
CVE-2022-1223
Incorrect Authorization in GitHub repository phpipam/phpipam prior to 1.4.6...
PT-2024-37733 · WordPress · Web/Woocommerce Addons For Wpbakery Builder
Name of the Vulnerable Software and Affected Versions: Web and WooCommerce Addons for WPBakery Builder plugin for WordPress versions prior to 1.4.6 Description: The issue allows authenticated attackers with Subscriber-level access and above to modify plugin settings due to a missing capability...
phpIPAM Security Vulnerability
phpIPAM is an open source IP address management (IPAM) application based on PHP and MySQL. A security vulnerability exists in phpipam versions prior to 1.4.6 that stems from incorrect authorization in the application...
phpIPAM Security Vulnerability
phpIPAM is an open source IP address management (IPAM) application based on PHP and MySQL. A security vulnerability exists in phpipam versions prior to 1.4.6 that stems from incorrect privilege assignment in the application...
PT-2020-19738 · Deeps · Deeps
Name of the Vulnerable Software and Affected Versions: deeps versions prior to 1.4.6 Description: The issue concerns Prototype Pollution via the set function. This allows for potential manipulation of object properties, which could lead to various security issues. Recommendations: For versions...
Xapian xapian-core Cross-Site Scripting Vulnerability
Xapian xapian-core is an open source search engine library from the Xapian project, written in C++. A cross-site scripting vulnerability exists in the queryparser/termgeneratorinternal.cc file in Xapian xapian-core versions prior to 1.4.6, which stems from the 'Xapian::MSet::snippet' functio...
PT-2022-13726 · Phpipam +1 · Phpipam +1
Name of the Vulnerable Software and Affected Versions: phpipam/phpipam versions prior to 1.4.6 Description: The issue is related to improper access control, which can lead to incorrect authorization. Recommendations: For versions prior to 1.4.6, update to version 1.4.6 or later to resolve the iss...
PT-2014-3000 · Open Information Security Foundation · Suricata
Name of the Vulnerable Software and Affected Versions: Suricata versions prior to 1.4.6 Description: The issue allows remote attackers to cause a denial of service, resulting in a crash, by sending a malformed SSL record. Recommendations: For versions prior to 1.4.6, update to version 1.4.6 or...
DEBIAN-CVE-2005-2215
Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.x before 1.4.6 and 1.5 before 1.5beta3 allows remote attackers to inject arbitrary web script or HTML via a parameter in the page move template, a different vulnerability than CVE-2005-1888...