WP Hotel Booking < 1.10.4 - PHP Object Injection

The wp-hotel-booking plugin through 1.10.2 for WordPress allows remote attackers to execute arbitrary code because of an unserialize operation on the thimpresshotelbooking1 cookie in load in includes/class-wphb-sessions.php. id: CVE-2020-29047 info: name: WP Hotel Booking 1.10.4 - PHP Object...

CrafterCMS Engine - Cross-Site Scripting

CrafterCMS Engine is vulnerable to reflected cross-site scripting XSS via the transformerName parameter in the /api/1/site/url/transform endpoint, allowing attackers to execute arbitrary JavaScript in the context of the user. id: CVE-2023-4136 info: name: CrafterCMS Engine - Cross-Site Scripting...

MeteoBridge <= 6.1 - Remote Code Execution

The Meteobridge web interface let meteobridge administrator manage their weather station data collection and administer their meteobridge system through a web application written in CGI shell scripts and C.This web interface exposes an endpoint that is vulnerable to command injection.Remote...

Moodle LMS Jmol Plugin <= 6.1 - Cross-Site Scripting

A reflected cross-site scripting XSS vulnerability exists in the Moodle LMS Jmol plugin version 6.1 and prior via the data parameter in jsmol.php. The application fails to properly sanitize user input before embedding it into the HTTP response, allowing an attacker to execute arbitrary JavaScript...

Moodle Jmol Filter 6.1 - Local File Inclusion

Moodle Jmol Filter 6.1 is vulnerable to local file inclusion through the jsmol.php file, allowing attackers to read arbitrary files on the server. id: CVE-2025-34031 info: name: Moodle Jmol Filter 6.1 - Local File Inclusion author: madrobot severity: high description: | Moodle Jmol Filter 6.1 is...

WeiYe-Jing datax-web <= 2.1.2 - OS Command Injection

A vulnerability, which was classified as critical, has been found in WeiYe-Jing datax-web 2.1.2. Affected by this issue is some unknown functionality of the file /api/log/killJob of the component HTTP POST Request Handler. The manipulation of the argument processId leads to os command injection...

Personal Weather Station Dashboard 12 - Directory Traversal

Personal Weather Station Dashboard 12lts allows unauthenticated remote attackers to read arbitrary files via ../ directory traversal in the test parameter to /others/test.php, as demonstrated by reading the server's private SSL key in cleartext. id: CVE-2025-47423 info: name: Personal Weather...

Docusaurus Gists Plugin < 4.0.0 - GitHub Personal Access Token Exposure

The Docusaurus gists plugin adds a page to your Docusaurus instance, displaying all public gists of a GitHub user. docusaurus-plugin-content-gists versions prior to 4.0.0 are vulnerable to exposing GitHub Personal Access Tokens in production build artifacts when passed through plugin configuratio...

Akamai CloudTest < 60 2025.06.02 - XML External Entity (XXE)

Akamai CloudTest before 60 2025.06.02 12988 allows file inclusion via XML External Entity XXE injection. id: CVE-2025-49493 info: name: Akamai CloudTest 60 2025.06.02 - XML External Entity XXE author: xbow,3th1cyuk1 severity: critical description: | Akamai CloudTest before 60 2025.06.02 12988...

123Solar 1.8.4.5 - Cross-Site Scripting

123Solar 1.8.4.5 is vulnerable to reflected cross-site scripting XSS via the date1 parameter in detailed.php. Unsanitized user input is reflected in the response, allowing arbitrary JavaScript execution. id: CVE-2024-9007 info: name: 123Solar 1.8.4.5 - Cross-Site Scripting author: ritikchaddha...

LyLme spage v1.9.5 - Server-Side Request Forgery

LyLme spage v1.9.5 is vulnerable to server-side request forgery SSRF via the url parameter in apply/index.php. An attacker can force the server to make arbitrary requests, potentially accessing internal resources. id: CVE-2024-36675 info: name: LyLme spage v1.9.5 - Server-Side Request Forgery...

OneNav v0.9.35-20240318 - Server-Side Request Forgery (SSRF)

OneNav v0.9.35-20240318 is vulnerable to server-side request forgery SSRF via the url parameter in the getlinkinfo API. An attacker can force the server to make arbitrary requests, potentially accessing internal resources. id: CVE-2024-33832 info: name: OneNav v0.9.35-20240318 - Server-Side Reque...

WordPress ProfilePress 3.0-3.1.3 - Arbitrary File Upload

A vulnerability in the file uploader component found in the /src/Classes/FileUploader.php file of the ProfilePress WordPress plugin made it possible for users to upload arbitrary files during user registration or during profile updates. This issue affects versions 3.0.0 - 3.1.3. id: CVE-2021-3462...

WordPress 10Web Map Builder < 1.0.73 - Unauthenticated SQL Injection

The 10Web Map Builder for Google Maps WordPress plugin before 1.0.73 does not properly sanitise and escape some parameters before using them in an SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection id: CVE-2023-0037 info: name: WordPress 10Web Map...

WordPress Meta SEO <= 4.5.2 - Open Redirect

The WP Meta SEO WordPress plugin before 4.5.3 did not authorize several AJAX actions, which allowed low-privilege users to update certain data and resulted in an arbitrary redirect vulnerability. id: CVE-2023-0876 info: name: WordPress Meta SEO = 4.5.2 - Open Redirect author: Khalid6468 severity:...

Stirling-PDF SSRF via Markdown

Stirling-PDF is a locally hosted web application that performs various operations on PDF files. Prior to version 1.1.0, when using the /api/v1/convert/markdown/pdf endpoint to convert Markdown to PDF, the backend calls a third-party tool to process it and includes a sanitizer for security...

Jan v0.4.12 'readFileSync' - Path Traversal

Jan v0.4.12 was discovered to contain an arbitrary file read vulnerability via the /v1/app/readFileSync interface. id: CVE-2024-36857 info: name: Jan v0.4.12 'readFileSync' - Path Traversal author: Yusuf Amr severity: high description: | Jan v0.4.12 was discovered to contain an arbitrary file rea...

MikoPBX - Unrestricted File Upload

MikoPBX through 2024.1.114 contains an authenticated unrestricted file upload vulnerability caused by allowing PHP script uploads in PBXCoreREST/Controllers/Files/PostController.php. id: CVE-2025-52207 info: name: MikoPBX - Unrestricted File Upload author: darses severity: critical description: |...

Jan v0.4.12 - Arbitrary File Upload

An arbitrary file upload vulnerability in the /v1/app/writeFileSync interface of Jan v0.4.12 allows attackers to execute arbitrary code via uploading a crafted file. id: CVE-2024-36858 info: name: Jan v0.4.12 - Arbitrary File Upload author: pussycat0x severity: critical description: | An arbitrar...

HomeAutomation 3.3.2 - Open Redirect

HomeAutomation 3.3.2 contains a redirect vulnerability caused by improper verification of the 'redirect' GET parameter in 'api.php', letting attackers redirect users to arbitrary websites, exploit requires user interaction with a crafted link. id: CVE-2020-21998 info: name: HomeAutomation 3.3.2 -...