CVE-2026-0862
The Save as PDF Plugin by PDFCrowd plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘options’ parameter in all versions up to, and including, 4.5.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to injec...
CVE-2026-0862
CVE-2026-0862 concerns the WordPress plugin “Save as PDF Plugin by PDFCrowd.” Wordfence/patch data indicate a Reflected Cross-Site Scripting (XSS) vulnerability via the options parameter in all versions up to 4.5.5, caused by insufficient input sanitization and output escaping. Exploitation by an...
CVE-2026-0862 Save as PDF Plugin by PDFCrowd <= 4.5.5 - Reflected Cross-Site Scripting via options
The Save as PDF Plugin by PDFCrowd plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘options’ parameter in all versions up to, and including, 4.5.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to injec...
PT-2026-4617
Name of the Vulnerable Software and Affected Versions: Save as PDF Plugin for WordPress versions prior to 4.5.6. Description: The Save as PDF Plugin for WordPress is susceptible to Reflected Cross-Site Scripting through the options parameter. Insufficient input sanitization and output escaping allow...
CVE-2016-10800
cPanel before 58.0.4 allows demo-mode escape via Site Templates and Boxtrapper API calls SEC-138...
EUVD-2016-1808
Malware in sbrugna...
EUVD-2016-1794
Malware in sbrugna...
CVE-2016-10814
cPanel before 57.9999.54 allows demo-mode escape via showtemplate.stor SEC-119...
Google to Remove App that Made Google Pixel Devices Vulnerable to Attacks
A large percentage of Google's own Pixel devices shipped globally since September 2017 included dormant software that could be used to stage nefarious attacks and deliver various kinds of malware. The issue manifests in the form of a pre-installed Android app called "Showcase.apk" that comes with...
CVE-2021-32644
Ampache is an open source web-based audio/video streaming application and file manager. Due to a lack of input filtering, versions 4.x.y are vulnerable to code injection in random.php. The attack requires user authentication to access the random.php page unless the site is running in demo mode. Th...
Code injection
Ampache is an open source web-based audio/video streaming application and file manager. Due to a lack of input filtering, versions 4.x.y are vulnerable to code injection in random.php. The attack requires user authentication to access the random.php page unless the site is running in demo mode. Th...
UBUNTU-CVE-2021-32644
Ampache is an open source web-based audio/video streaming application and file manager. Due to a lack of input filtering, versions 4.x.y are vulnerable to code injection in random.php. The attack requires user authentication to access the random.php page unless the site is running in demo mode. Th...
CVE-2021-32644 Cross-site Scripting in Random.php
Ampache is an open source web-based audio/video streaming application and file manager. Due to a lack of input filtering, versions 4.x.y are vulnerable to code injection in random.php. The attack requires user authentication to access the random.php page unless the site is running in demo mode. Th...
bluescan
This is a Python script for a Bluetooth scanner, specifically designed to scan for devices, services, and vulnerabilities. The script is called "bluescan" and is available on GitHub. The script is based on the BlueZ Bluetooth protocol stack and uses the libbluetooth-dev package. It can be install...
Code injection
cPanel before 58.0.4 allows demo-mode escape via Site Templates and Boxtrapper API calls SEC-138...
CVE-2016-10800
Affected software: cPanel prior to 58.0.4. Vulnerability: demo-mode escape via Site Templates and Boxtrapper API calls (SEC-138). Root cause / impact: the issue allows escape in demo mode, with impact characterized as partial confidentiality/integrity/availability risk per the cited sources. Expl...