21 matches found
PT-2026-32485
Name of the Vulnerable Software and Affected Versions AC800M System 800xA versions 6.0.0x through 6.0.0303.0 AC800M System 800xA versions 6.1.0x through 6.1.0031.0 AC800M System 800xA versions 6.1.1x through 6.1.1202.0 AC800M System 800xA versions 6.2.0x through 6.2.0006.0 Symphony Plus SD Series...
EUVD-2025-198072
In Ascertia SigningHub through 8.6.8, there is a lack of rate limiting on the invite user function, leading to an email bombing vulnerability. An authenticated attacker can exploit this by automating invite requests...
Ascertia SigningHub 安全漏洞
Ascertia SigningHub is an electronic signature software from Ascertia UK. A security vulnerability exists in Ascertia SigningHub version 8.6.8 and prior versions, which stems from a lack of rate limiting in the reset password function and could lead to email bombing...
Ascertia SigningHub 安全漏洞
Ascertia SigningHub is an electronic signature software from Ascertia UK. A security vulnerability exists in Ascertia SigningHub version 8.6.8 and prior versions, which stems from a lack of rate limiting in the Invite Users feature and could lead to email bombing...
EUVD-2025-35048
A lack of rate limiting in the component /Home/UploadStreamDocument of SigningHub v8.6.8 allows attackers to cause a Denial of Service DoS via uploading an excessive number of files...
EUVD-2025-35049
A lack of rate limiting in the One-Time Password OTP verification endpoint of SigningHub v8.6.8 allows attackers to bypass verification via a bruteforce attack...
CVE-2025-56224
A lack of rate limiting in the One-Time Password OTP verification endpoint of SigningHub v8.6.8 allows attackers to bypass verification via a bruteforce attack...
CVE-2025-56219
Incorrect access control in SigningHub v8.6.8 allows attackers to arbitrarily add user accounts without any rate limiting. This can lead to a resource exhaustion and a Denial of Service DoS when an excessively large number of user accounts are created...
SigningHub 安全漏洞
SigningHub is an electronic signature platform from SigningHub UK. A security vulnerability exists in SigningHub version v8.6.8, which stems from a lack of rate limiting in the component /Home/UploadStreamDocument, which could lead to a denial of service attack...
CVE-2025-56219
Incorrect access control in SigningHub v8.6.8 allows attackers to arbitrarily add user accounts without any rate limiting. This can lead to a resource exhaustion and a Denial of Service DoS when an excessively large number of user accounts are created...
SigningHub 安全漏洞
SigningHub is an electronic signature platform from SigningHub UK. A security vulnerability exists in SigningHub version v8.6.8, which stems from a lack of rate limiting in the one-time password verification endpoint, which could lead to a brute force attack to bypass the verification...
SigningHub 安全漏洞
SigningHub is an electronic signature platform from SigningHub UK. A security vulnerability exists in SigningHub version 8.6.8, which stems from a lack of rate limiting in the login mechanism and could lead to a brute force attack to bypass authentication...
CVE-2025-56218
An arbitrary file upload vulnerability in SigningHub v8.6.8 allows attackers to execute arbitrary code via uploading a crafted PDF file...
EUVD-2025-30463
Malicious code in bioql PyPI...
CVE-2025-59589
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Soledad soledad allows DOM-Based XSS.This issue affects Soledad: from n/a through = 8.6.8...
CVE-2025-59588
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in PenciDesign Soledad soledad allows PHP Local File Inclusion.This issue affects Soledad: from n/a through = 8.6.8...
CVE-2025-59588
CVE-2025-59588 describes an authenticated Local File Inclusion in the Soledad WordPress theme (Soledad
WordPress Soledad Theme <= 8.6.8 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Soledad versions = 8.6.8...
WordPress Soledad Theme <= 8.6.8 is vulnerable to Cross Site Scripting (XSS)
Software Soledad Type Theme Vulnerable versions = 8.6.8 Fixed in 8.6.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2025-59589 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 129327b97bb0 Credits João Pedro S Alcântara Kinorth Required privile...
PT-2025-39059
Name of the Vulnerable Software and Affected Versions PenciDesign Soledad versions through 8.6.8 Description A flaw exists in PenciDesign Soledad that allows for DOM-Based Cross-site Scripting XSS. This issue is due to improper neutralization of input during web page generation. The vulnerability...