234 matches found
CVE-2017-20256
Joomla Survey Force Deluxe 3.2.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the invite parameter. Attackers can send GET requests to the component with crafted SQL payloads in the invite...
CVE-2017-20257
Joomla! Component Quiz Deluxe 3.7.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands through the ajaxaction.flagquestion task. Attackers can inject malicious SQL code via the stuquizid or flagquest parameters to manipulate database...
EUVD-2017-18984
Joomla! Component Quiz Deluxe 3.7.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands through the ajaxaction.flagquestion task. Attackers can inject malicious SQL code via the stuquizid or flagquest parameters to manipulate database...
CVE-2017-20257
Joomla! Component Quiz Deluxe 3.7.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands via the ajaxaction.flag_question task. Exploitation can occur by injecting malicious SQL through the stu_quiz_id or flag_quest parameters to manipula...
CVE-2017-20257 Joomla! Component Quiz Deluxe 3.7.4 SQL Injection
Joomla! Component Quiz Deluxe 3.7.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands through the ajaxaction.flagquestion task. Attackers can inject malicious SQL code via the stuquizid or flagquest parameters to manipulate database...
CVE-2017-20256 Joomla Survey Force Deluxe 3.2.4 SQL Injection via invite Parameter
Joomla Survey Force Deluxe 3.2.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the invite parameter. Attackers can send GET requests to the component with crafted SQL payloads in the invite...
CVE-2017-20256
Joomla Survey Force Deluxe 3.2.4 is affected by an SQL injection via the invite parameter, allowing unauthenticated attackers to run arbitrary SQL through crafted GET requests and potentially read sensitive database information. Impact is high (unauthenticated, network access, data confidentialit...
EUVD-2017-18983
Joomla Survey Force Deluxe 3.2.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the invite parameter. Attackers can send GET requests to the component with crafted SQL payloads in the invite...
CVE-2025-53444
Cross-Site Request Forgery CSRF vulnerability in DeluxeThemes Userpro userpro allows Cross Site Request Forgery.This issue affects Userpro: from n/a through 5.1.11...
CVE-2025-53444
Cross-Site Request Forgery CSRF vulnerability in DeluxeThemes Userpro userpro allows Cross Site Request Forgery.This issue affects Userpro: from n/a through 5.1.11...
PT-2026-33076
Name of the Vulnerable Software and Affected Versions Userpro versions prior to 5.1.11 Description A Cross-Site Request Forgery CSRF flaw in DeluxeThemes Userpro allows an attacker to induce a user to perform actions they did not intend to. CSRF is a technique where a malicious site tricks a user...
Malicious code in cowsay-deluxe (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23689b5603efd5f0d639b4d6767c885941794f801324da60cbbe76afa159c139 The package cowsay-deluxe was found to contain malicious code...
MAL-2026-632 Malicious code in cowsay-deluxe (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 23689b5603efd5f0d639b4d6767c885941794f801324da60cbbe76afa159c139 The package cowsay-deluxe was found to contain malicious code...
OESA-2026-1115 gimp security update
The GIMP is an image composition and editing program, which can be used for creating logos and other graphics for Web pages. The GIMP offers many tools and filters, and provides a large image manipulation toolbox, including channel operations and layers, effects, subpixel imaging and antialiasing...
CVE-2024-34532
A SQL injection vulnerability in Yvan Dotet PostgreSQL Query Deluxe module aka querydeluxe 17.x before 17.0.0.4 allows a remote attacker to gain privileges via the query parameter to models/querydeluxe.py:QueryDeluxe::getresultfromquery...
CVE-2025-68608
Missing Authorization vulnerability in DeluxeThemes Userpro userpro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Userpro: from n/a through = 5.1.9...
EUVD-2002-0254
Malware in sbrugna...
EUVD-2018-15640
Malware in sbrugna...
EUVD-2017-11451
Malware in sbrugna...
EUVD-2017-11448
Malware in sbrugna...