10 matches found
EUVD-2025-209783
Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows SQL Injection. This issue affects E-Commerce Website: before 4.5.001...
CVE-2025-8079 Reflected XSS in Akıllı Ticaret Software Technologies' Smart Trade E-Commerce
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Akıllı Ticaret Software Technologies Ltd. Co. Smart Trade E-Commerce allows Reflected XSS. This issue affects Smart Trade E-Commerce: before 4.5.0.0.1...
YesWiki Cross-Site Scripting Vulnerability
YesWiki is a wiki system written in PHP by the French organization YesWiki. It is used to create and manage websites in a collaborative manner. A cross-site scripting vulnerability exists in YesWiki versions prior to 4.5.4, which stems from a cross-site scripting attack on the /?BazaR endpoint an...
Flask App Builder Security Vulnerability
Flask App Builder is a simple and fast application development framework by individual developer Daniel Vaz Gaspar. A security vulnerability exists in Flask App Builder versions prior to 4.5.3, which stems from an unauthenticated user being able to enumerate existing usernames...
CVE-2024-26155
All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 expose clear text credentials in the web portal. An attacker can access the ETIC RAS web portal and view the HTML code, which is configured to be hidden, thus allowing a connection to the ETIC RAS SSH server, which could enable ...
PT-2024-16787 · Valor Apps · Easy Folder Listing Pro
Name of the Vulnerable Software and Affected Versions: Valor Apps Easy Folder Listing Pro versions prior to 3.8 and 4.5 Description: The issue is a deserialization vulnerability that allows an unauthenticated, remote attacker to execute arbitrary code with the privileges of the Joomla! applicatio...
Qualys Cloud Agent Code Issue Vulnerability
Qualys Cloud Agent is a lightweight application from Qualys USA, Inc. that provides a single agent for real-time, global visibility and response. A security vulnerability exists in Qualys Cloud Agent versions prior to 4.5.3.1, which stems from a malicious copy of the Dynamic Link Library (DLL) that allows an...
PT-2022-18727 · Cynet · Cynet 360 Web Portal
Name of the Vulnerable Software and Affected Versions: Cynet 360 Web Portal versions prior to 4.5 Description: The issue allows attackers to access a list of excluded files and profiles via a crafted GET request sent to "/WebApp/SettingsExclusion/GetExclusionsProfiles". Recommendations: For...
OXID eSales OXID eShop Spoofing Vulnerability
OXID eSales OXID eShop is an e-commerce content management system from the German company OXID eSales. The system includes B2C, B2B and other modules. A spoofing vulnerability exists in the OpenID Single Sign-On authentication feature in OXID eSales OXID eShop versions prior to 4.5.0. A remote...
DEBIAN-CVE-2015-1029
The puppetlabs-stdlib module 2.1 through 3.0 and 4.1.0 through 4.5.x before 4.5.1 for Puppet 2.8.8 and earlier allows remote authenticated users to gain privileges or obtain sensitive information by prepopulating the fact cache...