CVE-2025-14168

The WP DB Booster plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing nonce validation on the cleanupall AJAX action. This makes it possible for unauthenticated attackers to delete database records including post...

CVE-2025-14168 WP DB Booster <= 1.0.1 - Cross-Site Request Forgery to Database Cleanup

The WP DB Booster plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.1. This is due to missing nonce validation on the cleanupall AJAX action. This makes it possible for unauthenticated attackers to delete database records including post...

WordPress WP DB Booster plugin <= 1.0.1 - Cross-Site Request Forgery to Database Cleanup vulnerability

Cross-Site Request Forgery to Database Cleanup vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin WP DB Booster versions = 1.0.1...

WordPress WP Fastest Cache plugin <= 1.4.0 - Missing Authorization to Authenticated (Subscriber+) DB Cleanup Actions vulnerability

Missing Authorization to Authenticated Subscriber+ DB Cleanup Actions vulnerability discovered by Dmitrii Ignatyev - CleanTalk Inc in WordPress Plugin WP Fastest Cache versions = 1.4.0...

CVE-2022-42310

Xenstore: Guests can create orphaned Xenstore nodes By creating multiple nodes inside a transaction resulting in an error, a malicious guest can create orphaned nodes in the Xenstore data base, as the cleanup after the error will not remove all nodes already created. When the transaction is...

EulerOS Virtualization 2.11.1 : bind (EulerOS-SA-2024-1712)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses...

Virtuozzo Hybrid Infrastructure 6.1 Hotfix 1 (6.1.0-247)

In this release, Virtuozzo Hybrid Infrastructure enables selective updates of specific Kubernetes node groups, as well as provides stability and performance improvements. Vulnerability id: VSTOR-83526 Cannot filter backup plans by using the "Disabled" status. Vulnerability id: VSTOR-83662 Added...

CVE-2023-6516

To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queue...

Evolution 1.1 and Prior Remote Execution

Product: MODX Evolution Risk: Very High Severity: Critical Versions: =1.1 Vulnerability Type: Remote Code Execution Report Date: 2016-November-08 Fixed Date: 2016-November-12 Description The following components distributed with all versions of MODX Evolution and 0.9.x contain a vulnerability, th...

cumin: DoS via displayed link names containing non-ASCII characters

It was found that if Cumin were asked to display a link name containing non-ASCII characters, the request would terminate with an error. If data containing non-ASCII characters were added to the database such as via Cumin or Wallaby, requests to load said data would terminate and the requested pa...

cumin: DoS via displayed link names containing non-ASCII characters

It was found that if Cumin were asked to display a link name containing non-ASCII characters, the request would terminate with an error. If data containing non-ASCII characters were added to the database such as via Cumin or Wallaby, requests to load said data would terminate and the requested pa...

Zen Cart 1.3.8 Remote SQL Execution Exploit

Exploit for unknown platform in category web applications =========================================== Zen Cart 1.3.8 Remote SQL Execution Exploit =========================================== !/usr/bin/python ------- Zen Cart 1.3.8 Remote SQL Execution http://www.zen-cart.com/ Zen Cart Ecommerce -...