Linux Distros Unpatched Vulnerability : CVE-2021-41165

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CKEditor4 is an open source WYSIWYG HTML editor. In affected version a vulnerability has been discovered in the core HTML processing module and may affect all...

Linux Distros Unpatched Vulnerability : CVE-2022-0489

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting with 8.15 . It was possible to trigger a DOS by using the math feature with a...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization due to improper filtering protected news archives. An attacker can access sensitive information by retrieving protected news items that are unintentionally included in the public RSS feed. Workaround This...

Linux Distros Unpatched Vulnerability : CVE-2024-23635

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Prior to 1.7.5, there is a potential for a mutation XSS...

Linux Distros Unpatched Vulnerability : CVE-2020-13325

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions prior 13.1. The comment section of the issue page was not restricting the characters properly, potentially...

Linux Distros Unpatched Vulnerability : CVE-2025-2123

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability, which was classified as problematic, has been found in GeSHi up to 1.0.9.1. Affected by this issue is the function getvar of the file...

Linux Distros Unpatched Vulnerability : CVE-2020-25286

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In wp-includes/comment-template.php in WordPress before 5.4.2, comments from a post or page could sometimes be seen in the latest comments even if the post or...

The Influence of Code Comments on the Perceived Helpfulness of Stack Overflow Posts

Question-and-answer platforms such as Stack Overflow have become an important way for software developers to share and retrieve knowledge. However, reusing poorly understood code can lead to serious problems, such as bugs or security vulnerabilities. To better understand how code comments affect...

Linux Distros Unpatched Vulnerability : CVE-2016-5704

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HT...

WordPress 多说社会化评论框 plugin <= 1.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross Site Request Forgery CSRF to Settings Change vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin 多说社会化评论框 versions = 1.2...

CVE-2025-53226

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in digitalzoomstudio Comments Capcha Box comments-capcha-box allows Reflected XSS.This issue affects Comments Capcha Box: from n/a through = 1.1...

CVE-2025-55734

flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, the code checks if the userRole is "admin" only when visiting the /admin page, but not when visiting its subroutes. Specifically, only the file routes/adminPanel.py checks the user role when a user is trying to access the admin page,...

CVE-2025-53226

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in digitalzoomstudio Comments Capcha Box comments-capcha-box allows Reflected XSS.This issue affects Comments Capcha Box: from n/a through = 1.1...

CVE-2025-53226

CVE-2025-53226 (WordPress Comments Capcha Box) involves a reflected XSS in the Comments Capcha Box plugin for WordPress (versions up to 1.1). Root cause: improper neutralization of input during web page generation, allowing injection of malicious scripts. Impact: client-side script execution coul...

CVE-2025-53226 WordPress Comments Capcha Box Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in digitalzoomstudio Comments Capcha Box comments-capcha-box allows Reflected XSS.This issue affects Comments Capcha Box: from n/a through = 1.1...

CVE-2025-53226 WordPress Comments Capcha Box Plugin <= 1.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in digitalzoomstudio Comments Capcha Box allows Reflected XSS. This issue affects Comments Capcha Box: from n/a through 1.1...

WordPress plugin Comments Capcha Box 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

Linux Distros Unpatched Vulnerability : CVE-2022-4245

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in codehaus-plexus. The org.codehaus.plexus.util.xml.XmlWriterUtilwriteComment fails to sanitize comments for a -- sequence. This issue means...

CVE-2025-55734

flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, the code checks if the userRole is "admin" only when visiting the /admin page, but not when visiting its subroutes. Specifically, only the file routes/adminPanel.py checks the user role when a user is trying to access the admin page,...

CVE-2025-55734 flaskBlo Authorization Bypass

flaskBlog is a blog app built with Flask. In 2.8.0 and earlier, the code checks if the userRole is "admin" only when visiting the /admin page, but not when visiting its subroutes. Specifically, only the file routes/adminPanel.py checks the user role when a user is trying to access the admin page,...