ai.catboost:catboost-spark_3.5_2.12 (>=1.2.3 <=1.2.10), ai.djl.spark:spark_2.12 (=0.29.0) +265 more potentially affected by CVE-2025-55039 via org.apache.spark:spark-network-common_2.12 (>=3.5.0 <=3.5.1)

org.apache.spark:spark-network-common2.12 MAVEN version =3.5.0, =1.2.3, =3.44.0.1-1-3.5, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =7.0.0, =0.6.17, =0.0.3, =14.0.0, =14.0.0, =14.0.0, =14.17.1 - bio.ferlab:obo-parser2.12 =1.3.1 and more Source cves: CVE-2025-55039 Source advisory:...

EUVD-2008-4420

Malware in sbrugna...

EUVD-2008-4419

Malware in sbrugna...

CVE-2025-53933

creationtimestamp| type| source ---|---|--- 2025-09-09 20:56:46+00:00| seen| MISP/2bceffac-02c3-4c54-a709-6e253b38ec76...

WordPress plugin Import Export Suite for CSV and XML Datafeed 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code issue vulnerability exists in WordPress...

Price can be stale leading to wrong return value in refreshedAssetPerBaseInUQ in ChainlinkPriceOracle.sol

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Stale price from data feed can lead to incorrect value of assetPerBaseInUQ Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that...

Cross-site scripting vulnerability in WordPress plugin alfieliate-datafeed-installer

WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the WordPress plugin alfieliate-datafeed-installer, which allows an attacker to construct malicious web pages and tri...

WordPress CP Multi View Event Calendar Plugin 1.1.7 - SQL Injection

Exploit Title: WordPress cp-multi-view-calendar.1.1.7 Unauthenticated SQL injection vulnerabilities Date: 2015-07-10 Google Dork: Index of /wordpress/wp-content/plugins/cp-multi-view-calendar Vendor Homepage: http://wordpress.dwbooster.com/ Software Link:...

Datafeed Studio 1.6.2 'search.php' Cross-Site Scripting Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30660/info Datafeed Studio is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the...

Datafeed Studio 'patch.php' Remote File Include Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/30659/info Datafeed Studio is prone to a remote file-include vulnerability because it fails to properly sanitize user-supplied input. An attacker can exploit this issue to include an arbitrary remote file containing...

PHP Calendars Script SQL Injection Vulnerability

Exploit for php platform in category web applications ================================================ PHP Calendars Script SQL Injection Vulnerability ================================================ 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\...

PHP Calendars Script SQL Injection Vulnerability

No description provided by source. Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title:PHP Calendars Script SQL Vulnerable Vendor url:http://www.jce-tech.com Version:1 Price:n/a Published: 2010-06-21 Greetz to:r0073r inj3ct0r.com, Sid3^effects, MaYur, MA1201, Sonic Bluehat. Special...

PHP Calendars Script - SQL Injection

1 1 0 I'm L0rd CrusAd3r member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title:PHP Calendars Script SQL Vulnerable Vendor url:http://www.jce-tech.com Version:1 Price:n/a Published:...

PHP Calendars Script - SQL Injection

PHP Calendars Script - SQL Injection 1 1 0 I'm L0rd CrusAd3r member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 Author: L0rd CrusAd3r aka VSN [email protected] Exploit Title:PHP Calendars Script SQL Vulnerable Vendor...

CVE-2009-3198

Cross-site scripting XSS vulnerability in search.php in JCE-Tech Affiliate Master Datafeed Parser Script 2.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter...

CVE-2009-3198

Cross-site scripting XSS vulnerability in search.php in JCE-Tech Affiliate Master Datafeed Parser Script 2.0 allows remote attackers to inject arbitrary web script or HTML via the search parameter...

CVE-2009-3198

The CVE-2009-3198 is an XSS vulnerability in the JCE-Tech Affiliate Master Datafeed Parser Script 2.0, affecting its search.php where the search parameter can inject arbitrary web script/HTML. This is a remote issue with a cross-site scripting impact described in multiple sources (NVD, Red Hat, C...

CVE-2008-4438

Cross-site scripting XSS vulnerability in search.php in Datafeed Studio 1.6.2 allows remote attackers to inject arbitrary web script or HTML via the q parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2008-4439

PHP remote file inclusion vulnerability in admin/bin/patch.php in MartinWood Datafeed Studio before 1.6.3 allows remote attackers to execute arbitrary PHP code via a URL in the INSTALLFOLDER parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third...

Remote file inclusion

PHP remote file inclusion vulnerability in admin/bin/patch.php in MartinWood Datafeed Studio before 1.6.3 allows remote attackers to execute arbitrary PHP code via a URL in the INSTALLFOLDER parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third...