13 matches found

RedhatCVE
added 2025/05/22 5:47 a.m. · 3 views

CVE-2017-14397

AnyDesk before 3.6.1 on Windows has a DLL injection vulnerability...

CVSS 9.8 · AI score 9.7 · EPSS 0.01542
Exploits: 0 · References: 1

OSV
added 2024/10/05 1:15 a.m. · 3 views

CVE-2024-47846

Cross-Site Request Forgery (CSRF) vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows Cross Site Request Forgery. This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1...

CVSS 8.8 · AI score 5.8 · EPSS 0.00264
Exploits: 1 · References: 3

OSV
added 2024/10/05 1:15 a.m. · 5 views

CVE-2024-47849

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in The Wikimedia Foundation Mediawiki - Cargo allows SQL Injection. This issue affects Mediawiki - Cargo: from 3.6.X before 3.6.1...

CVSS 9.8 · AI score 5.8 · EPSS 0.00534
Exploits: 1 · References: 3

CNNVD
added 2024/10/05 12:0 a.m. · 2 views

MediaWiki Cargo Security Vulnerability

MediaWiki Cargo is an extension of the American Wikimedia MediaWiki Foundation. A security vulnerability exists in MediaWiki Cargo version 3.6.X prior to 3.6.1, which stems from the presence of a SQL injection vulnerability...

CVSS 9.8 · AI score 7.8 · EPSS 0.00534
Exploits: 1 · References: 4

Positive Technologies
added 2024/06/13 12:0 a.m. · 5 views

PT-2024-27930 · Alcasar · Alcasar

Name of the Vulnerable Software and Affected Versions: ALCASAR versions prior to 3.6.1
Description: The issue allows remote code execution in the email registration back.php file.
Recommendations: For versions prior to 3.6.1, update to version 3.6.1 or later to resolve the issue...

CVSS 9.8 · AI score 8.2 · EPSS 0.00768
Exploits: 0 · References: 4

VulnCheck KEV
added 2023/11/14 12:0 a.m. · 2 views

VulnCheck KEV: CVE-2022-0867

The Pricing Table WordPress plugin before 3.6.1 fails to properly sanitize and escape user supplied POST data before it is being interpolated in an SQL statement and then executed via an AJAX action available to unauthenticated users...

CVSS 9.8 · AI score 7.4 · EPSS 0.11335
Exploits: 1 · References: 1

CNNVD
added 2022/11/25 12:0 a.m. · 6 views

Nextcloud Cross-Site Scripting Vulnerability

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A cross-site scripting vulnerability exists in Nextcloud desktop versions prior to 3.6.1, which originates from an attacker being able to inject arbitrary...

CVSS 5.4 · AI score 5.5 · EPSS 0.00884
Exploits: 1 · References: 4

CNNVD
added 2022/11/22 12:0 a.m. · 2 views

Engine.IO Security Vulnerability

Engine.IO is a transport-based implementation of Socket.IO's cross-browser/cross-device bi-directional communication layer. A denial-of-service vulnerability exists in versions of Socketio Engine.IO prior to 3.6.1, 4.0.0 and later, and prior to 6.2.1, which stems from a failure to properly handle...

CVSS 7.1 · AI score 6.7 · EPSS 0.01939
Exploits: 1 · References: 5

ATTACKERKB
added 2022/05/16 3:15 p.m. · 3 views

CVE-2022-0867

The Pricing Table WordPress plugin before 3.6.1 fails to properly sanitize and escape user supplied POST data before it is being interpolated in an SQL statement and then executed via an AJAX action available to unauthenticated users...

CVSS 9.8 · AI score 7.9 · EPSS 0.11335
Exploits: 1 · References: 3

CNVD
added 2017/10/16 12:0 a.m. · 4 views

SilverStripe CMS User Enumeration Vulnerability

SilverStripe CMS is an open source programming framework and content management system (CMS) from the New Zealand company SilverStripe. The system has support for multiple languages, cross-platform and other features. A security vulnerability exists in the login and password reset forms in SilverStripe C...

CVSS 5.3 · AI score 5.5 · EPSS 0.01109
Exploits: 0 · References: 1

OSV
added 2014/09/19 2:55 p.m. · 1 views

DEBIAN-CVE-2014-3614

Unspecified vulnerability in PowerDNS Recursor (aka pdns_recursor) 3.6.x before 3.6.1 allows remote attackers to cause a denial of service (crash) via an unknown sequence of malformed packets...

CVSS 5 · AI score 6.8 · EPSS 0.06023
Exploits: 0 · References: 1

OSV
added 2013/09/12 1:30 p.m. · 1 views

DEBIAN-CVE-2013-4340

wp-admin/includes/post.php in WordPress before 3.6.1 allows remote authenticated users to spoof the authorship of a post by leveraging the Author role and providing a modified user_ID parameter...

CVSS 3.5 · AI score 6.7 · EPSS 0.0263
Exploits: 2 · References: 1

OSV
added 2013/09/12 1:28 p.m. · 2 views

DEBIAN-CVE-2013-4338

wp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations...

CVSS 7.5 · AI score 7.7 · EPSS 0.08749
Exploits: 2 · References: 1