EUVD-2026-19845

ChurchCRM is an open-source church management system. Prior to 7.1.0, the searchwhat parameter via QueryView.php with the QueryID=15 is vulnerable to a SQL injection. The authenticated user requires access to Data/Reports Query Menu and access to the "Advanced Search" query. This vulnerability is...

CVE-2025-23777

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in willowsconsulting GDPR Personal Data Reports gdpr-personal-data-reports allows Stored XSS.This issue affects GDPR Personal Data Reports: from n/a through = 1.0.5...

PT-2025-44939

Name of the Vulnerable Software and Affected Versions All in One Time Clock Lite versions up to and including 2.0.3 Description The plugin exhibits unauthorized access due to a missing authorization check. Admin-level AJAX actions are exposed to unauthenticated users through wp ajax nopriv hooks,...

CVE-2025-23777 WordPress GDPR Personal Data Reports Plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in willowsconsulting GDPR Personal Data Reports gdpr-personal-data-reports allows Stored XSS.This issue affects GDPR Personal Data Reports: from n/a through = 1.0.5...

CVE-2025-23777 WordPress GDPR Personal Data Reports Plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in willowsconsulting GDPR Personal Data Reports gdpr-personal-data-reports allows Stored XSS.This issue affects GDPR Personal Data Reports: from n/a through = 1.0.5...

CVE-2025-23777

CVE-2025-23777 is an stored XSS in GDPR Personal Data Reports (Willows Consulting Ltd.). The affected product is GDPR Personal Data Reports (versions up to 1.0.5, n/a through 1.0.5). Root cause is improper neutralization of input during web page generation, enabling stored cross-site scripting. C...

WordPress GDPR Personal Data Reports Plugin <= 1.0.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 in WordPress Plugin GDPR Personal Data Reports versions = 1.0.5...

CVE-2023-48704

ClickHouse is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could send a specially crafted payload to the native interface exposed by default on...

CVE-2023-47118 Heap buffer overflow in T64 codec decompression

ClickHouse® is an open-source column-oriented database management system that allows generating analytical data reports in real-time. A heap buffer overflow issue was discovered in ClickHouse server. An attacker could send a specially crafted payload to the native interface exposed by default on...

CVE-2019-15506

An issue was discovered in Kaseya Virtual System Administrator VSA through 9.4.0.37. It has a critical information disclosure vulnerability. An unauthenticated attacker can send properly formatted requests to the web application and download sensitive files and information. For example, the...

Joomla! Component Camelcitydb2 2.2 - SQL Injection

Joomla! Component Camelcitydb2 2.2 - SQL Injection Joomla Component Camelcitydb2 SQL Injection Vulnerability Vulnerability found by: H!tm@N Contact: khghitmanatgmaildotcom Site: www.khg-crew.ws Greetz: boom3rang, KHG, urtan, warning, chs, redc00de - -=Kosova Hackers Group=- ScriptName: "Joomla"...