CVE-2026-3034 OoohBoi Steroids for Elementor <= 2.1.24 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple URL Controls

The OoohBoi Steroids for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the obspaceratlink, obbbadlink, and obteleporterlink URL parameters in all versions up to, and including, 2.1.24. This makes it possible for authenticated attackers, with Contributor-level...

EUVD-2021-23708

Malware in sbrugna...

EUVD-2020-1441

Malware in sbrugna...

EUVD-2015-6419

Malware in sbrugna...

CVE-2025-5422

Juzaweb CMS (

CVE-2024-6696

Hitachi Vantara Pentaho Business Analytics Server exposes an authorization check flaw in the user console trash content across versions prior to 10.2.0.0 and 9.3.0.9 (including 8.3.x). The root cause is insufficient granularity in access controls (CWE-1220), allowing an attacker to bypass protect...

CVE-2022-32507

An issue was discovered on certain Nuki Home Solutions devices. Some BLE commands, which should have been designed to be only called from privileged accounts, could also be called from unprivileged accounts. This demonstrates that no access controls were implemented for the different BLE commands...

Sensormatic Electronics iSTAR

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION : Exploitable remotely/low attack complexity Vendor: Sensormatic Electronics, a subsidiary of Johnson Controls Inc. Equipment: iSTAR Ultra Vulnerability: Command Injection 2. RISK EVALUATION An unauthenticated user could use a malicious request to run...

Updated samba packages fix security vulnerabilities

Updated samba packages fix security vulnerabilities: A client combining the 'ASQ' and 'Paged Results' LDAP controls can cause a use-after-free in Samba's AD DC LDAP server CVE-2020-10700. A deeply nested filter in an un-authenticated LDAP search can exhaust the LDAP server's stack memory causing ...

CVE-2013-6040

MW6 Aztec, DataMatrix, and MaxiCode ActiveX controls before version 4.0 vulnerable to arbitrary code via a crafted HTML document. Latest versions 4.0 of MW6 Aztec, DataMatrix, and MaxiCode ActiveX controls have resolved the issue...

Alibaba's Alipay controls exploit research-vulnerability warning-the black bar safety net

About Alibaba Alipay controls vulnerability, the network is also controversial. Some say that vulnerability exists, and some say does not exist, give me also don't know the letter who. However, no investigation has no say, or let our own go looking for the answer to the question. We first take a...