3 matches found
EUVD-2026-11743
wpDiscuz before 7.6.47 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious JavaScript by importing a crafted options file with unescaped customCss field values. Attackers can supply a malicious JSON import file containing script payloads in...
CVE-2026-22192
Voltronic Power SNMP Web Pro version 1.1 contains an authentication bypass vulnerability that allows unauthenticated attackers to access privileged management functions by manipulating browser localStorage values. Attackers can modify client-side authentication state to bypass server-side access...
PT-2024-2479 · Ruby +7 · Rdoc +7
Name of the Vulnerable Software and Affected Versions: RDoc versions 6.3.3 through 6.6.2 Description: The issue is related to the restoration of untrusted data in memory by the RDoc documentation generator for the Ruby programming language. This can be exploited to execute arbitrary code using...