CVE-2026-25033

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in uixthemes Motta Addons motta-addons allows Reflected XSS.This issue affects Motta Addons: from n/a through 1.6.1...

CVE-2026-25033 WordPress Motta Addons plugin < 1.6.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in uixthemes Motta Addons motta-addons allows Reflected XSS.This issue affects Motta Addons: from n/a through 1.6.1...

PT-2026-27892

Name of the Vulnerable Software and Affected Versions uixthemes Motta Addons versions prior to 1.6.1 Description The software contains a flaw due to improper handling of user-supplied data when creating web pages, leading to a Reflected Cross-Site Scripting XSS condition. This allows an attacker ...

PayPal Plugin 安全漏洞

PayPal Plugin is an open source plugin for the PayPal commerce platform from Sylius eCommerce. A security vulnerability exists in PayPal Plugin versions prior to 1.6.1, prior to 1.7.1, and prior to 2.0.1, which stems from payment amount manipulation and could lead to fraud...

TxtDot 安全漏洞

TxtDot is an HTTP proxy from the TxtDot open source. A security vulnerability exists in TxtDot version 1.4.0 through versions prior to 1.6.1. A remote attacker could exploit the vulnerability to send HTTP GET requests to arbitrary targets using the server as a proxy and retrieve information on an...

SUSE CVE-2011-2698

Off-by-one error in the elemcellidaux function in epan/dissectors/packet-ansia.c in the ANSI MAP dissector in Wireshark 1.4.x before 1.4.8 and 1.6.x before 1.6.1 allows remote attackers to cause a denial of service infinite loop via an invalid packet...

jmespath.rb 安全漏洞

jmespath.rb is the Ruby implementation of JMESPath. A security vulnerability exists in jmespath.rb versions prior to 1.6.1. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor's announcement...

Nextcloud 安全漏洞

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud Deck versions prior to 1.4.8, 1.5.6, and 1.6.1. An attacker exploited the vulnerability to move a stack with...

CVE-2021-3570

A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause an information leak, crash, or potentially remote code execution. The highest threat from this vulnerability is to data confidentiali...

CMSUno Cross-Site Request Forgery Vulnerability

CMSUno is a tool for creating single-page responsive websites by French software developer Jacques Malgrange. A cross-site request forgery vulnerability exists in versions of CMSUno prior to 1.6.1. The vulnerability stems from a WEB application that does not adequately validate that a request is...

CVE-2020-7981

sql.rb in Geocoder before 1.6.1 allows Boolean-based SQL injection when withinboundingbox is used in conjunction with untrusted swlat, swlng, nelat, or nelng data...

Restafary Path Traversal Vulnerability

Restafary is a program for GRUD file manipulation. A path traversal vulnerability exists in Restafary versions prior to 1.6.1, which stems from the fact that restafary can be run at a path other than the specified root path. No details of the vulnerability are provided at this time...

Etherpad Directory Traversal Vulnerability

Etherpad is the Etherpad Foundation's open source rich-text online collaboration software . frontend tests is one of the front-end test component . A directory traversal vulnerability exists in the node/hooks/express/tests.js file in versions of Etherpad frontend tests prior to 1.6.1. An attacker...

CVE-2009-5021

Cobbler before 1.6.1 does not properly determine whether an installation has the default password, which makes it easier for attackers to obtain access by using this password...