CVE-2025-66292

DPanel is an open source server management panel written in Go. Prior to 1.9.2, DPanel has an arbitrary file deletion vulnerability in the /api/common/attach/delete interface. Authenticated users can delete arbitrary files on the server via path traversal. When a user logs into the administrative...

CVE-2025-66292 DPanel has an arbitrary file deletion vulnerability in /api/common/attach/delete interface

DPanel is an open source server management panel written in Go. Prior to 1.9.2, DPanel has an arbitrary file deletion vulnerability in the /api/common/attach/delete interface. Authenticated users can delete arbitrary files on the server via path traversal. When a user logs into the administrative...

WordPress WP All Export Pro plugin < 1.9.2 - Authenticated (Shop Manager+) Remote Code Execution vulnerability

Authenticated Shop Manager+ Remote Code Execution vulnerability discovered by ? in WordPress Plugin WP ALL Export Pro versions 1.9.2...

Label Studio Cross-Site Scripting Vulnerability

Label Studio is an open source data labeling tool from Heartex Open Source. Allows you to use a simple and clear UI mark audio, text, images, video and time series and other data types , and exported to a variety of model formats. A cross-site scripting vulnerability exists in Label Studio versio...

Cryptomator 安全漏洞

Cryptomator is a simple digital self-defense tool from the Cryptomator community. It is used to protect data. A security vulnerability exists in Cryptomator versions prior to 1.9.2, which stems from the MSI installer provided on the homepage allowing local privilege escalation for low privilege...

SUSE CVE-2007-0788

Cross-site scripting XSS vulnerability in MediaWiki 1.9.x before 1.9.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "sortable tables JavaScript."...

DEBIAN-CVE-2020-36599

lib/omniauth/failureendpoint.rb in OmniAuth before 1.9.2 and before 2.0 does not escape the messagekey value...

UBUNTU-CVE-2014-1427

A vulnerability in the REST API of Ubuntu MAAS allows an attacker to cause a logged-in user to execute commands via cross-site scripting. This issue affects MAAS versions prior to 1.9.2...

WordPress Landing Pages Plugin Arbitrary Code Execution Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.WordPress Landing Pages is one of the landing page plugin. A security vulnerability exists in versions of the...

Ansible chroot, jail and zone connection plugin backlink vulnerability

Ansible is a computer system configuration manager that can be used to publish, manage, and orchestrate computer systems. chroot, jail, and zone connection are among the plug-ins. chroot is a root directory modification plug-in; jail is a process or application restriction plug-in; and zone...

Ruby URI.decode_www_form_component Method Denial of Service Vulnerability

Ruby is a cross-platform, object-oriented, dynamically typed programming language developed by Japanese software developer Yukihiro Matsumoto. A security vulnerability exists in the URI.decodewwwformcomponent method in Ruby versions prior to 1.9.2-p330. A remote attacker can exploit this...

Unspecified Vulnerability in Jasypt

Jasypt is a Jasypt team developed a Java library with encryption features , it is based on standard cryptography , able to one-way or two-way encryption of passwords , text , numbers and binary files and so on. A security vulnerability exists in versions of Jasypt prior to 1.9.2. An attacker can...

Ansible Security Bypass Vulnerability

Ansible is a newly emerged operation and maintenance tool that is based on Python and combines the advantages of many old operation and maintenance tools to achieve batch operating system configuration, batch program deployment, batch running commands and other functions. A security bypass...

Ansible Bypass Security Restrictions Vulnerability

Ansible is a newly emerged operation and maintenance tool that is based on Python and combines the advantages of many old operation and maintenance tools to achieve batch operating system configuration, batch program deployment, batch running commands and other functions. A security vulnerability...