4398 matches found
pearweb SQL注入漏洞
PearWeb is a PHP extension and application repository developed by PEAR. Versions of PearWeb prior to 1.33.0 contained a SQL injection vulnerability. This vulnerability originated from the APDOC queue, where there was an SQL injection vulnerability that could allow attackers to manipulate the nam...
GHSA-GWCH-7M8V-7544 terraform-provider-proxmox has insecure sudo recommendation in the documentation
Note: It is uncertain whether this constitutes a vulnerability or should be filed as an issue instead. Summary In the SSH configuration documentation, the sudoer line that was suggested can be escalated to edit any files in the system. Details The following line were suggested for addition in the...
MINI-X573-59JC-856V
Bulletin has no description...
HotCRP Conference Review Software Cross-Site Script Vulnerabilities
HotCRP Conference Review Software is a software developed by Eddie Kohler. It is used to manage review processes, especially for academic conferences. The version of HotCRP Conference Review Software dated October 2025 to January 2026 contained a cross-site scripting vulnerability. This...
WordPress Knowledge Base for Documentation, FAQs with AI Assistance plugin <= 16.011.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Plugin Knowledge Base for Documentation, FAQs with AI Assistance versions = 16.011.0...
CGA-G425-P243-8QQH
Bulletin has no description...
CGA-892H-9GFM-2C49
Bulletin has no description...
CGA-4PGF-5GFR-JXV8
Bulletin has no description...
SQLi
SQL Injection CTF Challenge - Quick Start Guide Files Over...
MINI-5P4P-QMC8-9J4F
Bulletin has no description...
CVE-2025-59096
The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...
CVE-2025-59096
The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...
CVE-2025-59096 Weak Default Password in dormakaba Kaba exos 9300
The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...
CVE-2025-59096
The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...
CVE-2025-59096 Weak Default Password in dormakaba Kaba exos 9300
The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...
CVE-2025-59096
CVE-2025-59096 describes a weak default password in dormakaba Kaba exos 9300 (U9ExosAdmin.exe, extended admin mode). Root cause: hard-coded default password present in multiple locations and in local user docs. Impact (per provided data): local attacker with HIGH privileges and LOCAL access could...
PT-2026-4746
The default password for the extended admin user mode in the application U9ExosAdmin.exe "Kaba 9300 Administration" is hard-coded in multiple locations as well as documented in the locally stored user documentation...
[SECURITY] Fedora 42 Update: python3.11-3.11.14-4.fc42
Python 3.11 is an accessible, high-level, dynamically typed, interpreted programming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3.11 package provides the "python3.11" executable:...
CVE-2025-13921
The weDocs: AI Powered Knowledge Base, Docs, Documentation, Wiki & AI Chatbot plugin for WordPress is vulnerable to unauthorized modification or loss of data due to a missing capability check on the 'wedocsuserdocumentationhandlingcapabilities' function in all versions up to, and including, 2.1.1...
EUVD-2026-4355
Missing Authorization vulnerability in WP Travel WP Travel wp-travel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Travel: from n/a through = 11.0.0...