CVE-2025-47671

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LETSCMS MLM Software Binary MLM Plan binary-mlm-plan allows SQL Injection.This issue affects Binary MLM Plan: from n/a through = 3.0...

CVE-2025-47671

CVE-2025-47671 : WordPress Binary MLM Plan plugin

CVE-2025-47671 WordPress Binary MLM Plan <= 3.0 - SQL Injection Vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LETSCMS MLM Software Binary MLM Plan allows SQL Injection. This issue affects Binary MLM Plan: from n/a through 3.0...

CVE-2025-47671 WordPress Binary MLM Plan plugin <= 3.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LETSCMS MLM Software Binary MLM Plan binary-mlm-plan allows SQL Injection.This issue affects Binary MLM Plan: from n/a through = 3.0...

CVE-2024-45415

The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in checkdataintegrity function. This function is responsible for validating the checksum of data in post request. The checksum is sent encrypted in the request, the function decrypts it and stores the checksu...

CVE-2024-45414

The HTTPD binary in multiple ZTE routers has a stack-based buffer overflow vulnerability in webPrivateDecrypt function. This function is responsible for decrypting RSA encrypted ciphertext, the encrypted data is supplied base64 encoded. The decoded ciphertext is stored on the stack without checki...

CVE-2024-38531

Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has access to and can change the permissions of the build directory. After creating a setuid binary in a globally accessible location, a malicious local user can assu...

CVE-2024-12384

The Binary MLM Woocommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page’ parameter in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...

CVE-2024-38443

C/sorting/binaryinsertionsort.c in The Algorithms - C through e5dad3f has a segmentation fault for deep recursion, which may affect common use cases such as sorting an array of 50 elements...

CVE-2024-36586

An issue in AdGuardHome v0.93 to latest allows unprivileged attackers to escalate privileges via overwriting the AdGuardHome binary...

CVE-2024-38462

iRODS before 4.3.2 provides an msiSendMail function with a problematic dependency on the mail binary, such as in the mailMS.cppL94-L106 reference...

CVE-2024-23684

Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise Binary Object Representation CBOR versions 4.0.0 to 4.5.1 allows an attacker to cause a denial of service by passing a maliciously crafted input. Depending on an application's use...

CVE-2024-32517

Missing Authorization vulnerability in WooCommerce & WordPress Tutorials Custom Thank You Page Customize For WooCommerce by Binary Carpenter.This issue affects Custom Thank You Page Customize For WooCommerce by Binary Carpenter: from n/a through 1.4.12...

CVE-2024-10101

A stored cross-site scripting XSS vulnerability exists in binary-husky/gptacademic version 3.83. The vulnerability occurs at the /file endpoint, which renders HTML files. Malicious HTML files containing XSS payloads can be uploaded and stored in the backend, leading to the execution of the payloa...

CVE-2024-10100

A path traversal vulnerability exists in binary-husky/gptacademic version 3.83. The vulnerability is due to improper handling of the file parameter, which is open to path traversal through URL encoding. This allows attackers to view any file on the host system, including sensitive files such as...

CVE-2024-37202

Missing Authorization vulnerability in BinaryCarpenter Ultimate Custom Add To Cart Button Ajax For WooCommerce by Binary Carpenter custom-add-to-cart-button-for-woocommerce.This issue affects Ultimate Custom Add To Cart Button Ajax For WooCommerce by Binary Carpenter: from n/a through = 1.222.17...

CVE-2024-29941

Insecure storage of the ICT MIFARE and DESFire encryption keys in the firmware binary allows malicious actors to create credentials for any site code and card number that is using the default ICT encryption...

CVE-2024-12383

The Binary MLM Woocommerce plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0. This is due to missing or incorrect nonce validation on the 'bmwdisplaypvsetpage' function and insufficient input sanitization and output escaping of the...

CVE-2024-25139

In TP-Link Omada er605 1.0.1 through v2.6 2.2.3, a cloud-brd binary is susceptible to an integer overflow that leads to a heap-based buffer overflow. After heap shaping, an attacker can achieve code execution in the context of the cloud-brd binary that runs at the root level. This is fixed in...

CVE-2024-45832

Hard-coded credentials were included as part of the application binary. These credentials served as part of the application authentication flow and communication with the mobile application. An attacker could access unauthorized information...