14 matches found
WordPress plugin PatioTime Security Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress coreActivity plugin < 2.1 - Unauthenticated IP Spoofing vulnerability
Unauthenticated IP Spoofing vulnerability discovered by Erwan LR WPScan in WordPress Plugin coreActivity: Activity Logging plugin for WordPress versions 2.1...
WordPress Favicon Generator plugin < 2.1 - Arbitrary File Deletion via CSRF vulnerability
Arbitrary File Deletion via CSRF vulnerability discovered by Daniel Ruf in WordPress Plugin Favicon Generator versions 2.1...
PT-2025-46261
Name of the Vulnerable Software and Affected Versions: Slippy Slider – Responsive Touch Navigation Slider plugin for WordPress versions prior to 2.1 Description: The Slippy Slider plugin for WordPress is susceptible to Stored Cross-Site Scripting through the 'slippy-slider' shortcode. Insufficient...
LuaJIT Security Vulnerability
LuaJIT is an open source just-in-time compiler for the Lua language. A security vulnerability exists in LuaJIT 2.1 and earlier versions, which stems from an out-of-bounds read in the stack overflow handler in lj_state.c. The vulnerability is caused by the presence of an out-of-bounds read in t...
PT-2024-31097 · Apple · Visionos +6
Name of the Vulnerable Software and Affected Versions: iOS versions prior to 18.1 iPadOS versions prior to 18.1 visionOS versions prior to 2.1 macOS Sonoma versions prior to 14.7.1 watchOS versions prior to 11.1 tvOS versions prior to 18.1 Description: The issue allows a malicious app to access...
WordPress plugin Fan Page Widget by ThemeNcode Cross-Site Scripting Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. A WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress plugin Fan Pag...
Osoft Paint Production Management SQL Injection Vulnerability
Osoft Paint Production Management is a paint production management system from the Turkish company Osoft. A SQL injection vulnerability exists in Osoft Paint Production Management versions prior to 2.1, which stems from susceptibility to SQL injection attacks...
Ulkem PtteM Kart SQL Injection Vulnerability
Ulkem PtteM Kart is an application from Ulkem Turkey. A security vulnerability exists in Ulkem PtteM Kart versions prior to 2.1, which stems from improper neutralization of special elements, leading to SQL injection...
PT-2019-18998 · Advancecomp +4
Name of the Vulnerable Software and Affected Versions: AdvanceCOMP versions prior to 2.1 Description: An issue exists in the function be_uint32_read located in endianrw.h, which can cause a NULL pointer dereference. This can be triggered by sending a crafted file to a binary, allowing an attacker...
Siemens RuggedCom NMS Cross-Site Scripting Vulnerability
RUGGEDCOM NMS is a Siemens enterprise solution for monitoring, configuring and maintaining RUGGEDCOM mission-critical networks. A cross-site scripting vulnerability exists in Siemens RuggedCom NMS versions prior to 2.1, which can be exploited by attackers to launch a cross-site scripting attack a...
CVE-2013-6369
Stack-based buffer overflow in the jbg_dec_in function in libjbig/jbig.c in JBIG-KIT before 2.1 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted image file...
CVE-2013-7020
The read_header function in libavcodec/ffv1dec.c in FFmpeg before 2.1 does not properly enforce certain bit-count and colorspace constraints, which allows remote attackers to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact via crafted FFV1 data...
Design/Logic Flaw
Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs."...