Lucene search

10 matches found

RedhatCVE
added 2025/05/23 4:38 a.m. · 8 views

CVE-2023-26216

The server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an exploitable vulnerability that allows an attacker to upload files to a directory accessible by the web server. Affected releases are TIBCO Software Inc.'s TIBCO EBX Add-ons: versions 4.5.16 and below...

CVSS 9.1 · AI score 6.8 · EPSS 0.00671
Exploits: 0 · References: 1
Vulnrichment
added 2025/05/03 4:8 p.m. · 13 views

CVE-2024-58134 Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default

Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default. These predictable default secrets can be exploited by an attacker to forge session cookies. An attacker who knows or guesses the secret could compute...

AI score 6.2 · EPSS 0.00296
Exploits: 1 · References: 11
Cvelist
added 2025/03/04 4:53 p.m. · 11 views

CVE-2025-27156 Tuleap allows content injection via emails sent by the mass emailing features

Tuleap is an Open Source Suite to improve management of software developments and collaboration. The mass emailing features do not sanitize the content of the HTML emails. A malicious user could use this issue to facilitate a phishing attempt or to indirectly exploit issues in the recipients mail...

CVSS 4.1 · EPSS 0.00705
Exploits: 0 · References: 3
Positive Technologies
added 2023/03/10 12:0 a.m. · 3 views

PT-2023-16903 · WordPress · Rapidload Power-Up For Autoptimize

Name of the Vulnerable Software and Affected Versions: RapidLoad Power-Up for Autoptimize plugin for WordPress versions up to, and including, 1.7.1. Description: The issue is related to unauthorized cache modification due to a missing capability check on the queue posts function. This allows...

CVSS 4.3 · AI score 5.2 · EPSS 0.00175
Exploits: 0 · References: 7
SUSE CVE
added 2023/02/15 4:57 a.m. · 1 views

SUSE CVE-2016-7860

Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution...

CVSS 8.8 · AI score 7.8 · EPSS 0.1153
Exploits: 0 · References: 6
CNVD
added 2021/07/15 12:0 a.m. · 4 views

Unspecified Vulnerability in Nextcloud (CNVD-2021-51796)

Nextcloud is a set of open source self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability in Nextcloud Server in versions prior to 19.0.13, 20.011, and 21.0.3 can be exploited by an attacker to enumerate potentially valid...

CVSS 5.3 · AI score 6.5 · EPSS 0.00555
Exploits: 0 · References: 1
Symantec
added 2019/10/09 12:0 a.m. · 23 views

Juniper Junos CVE-2019-0074 Local Directory Traversal Vulnerability

Description: Juniper Junos is prone to a local directory-traversal vulnerability. An attacker can exploit this issue using directory-traversal characters '../' to read arbitrary files that contain sensitive information or to access files outside of the restricted directory to obtain sensitive...

CVSS 2.1 · AI score 1.7 · EPSS 0.00041
Exploits: 0 · References: 1 · Affected Software: 1
WPVulnDB
added 2015/02/11 12:0 a.m. · 20 views

EasyCart <= 3.0.15 - Unrestricted File Upload

In versions = 3.0.8 this can be exploited by authenticating as any WordPress user, and in versions 3.0.9 - 3.0.15 can be exploited by passing a valid password hash being used by any admin in the EasyCart user system...

CVSS 6.5 · AI score 2.1 · EPSS 0.82898
Exploits: 7 · References: 4 · Affected Software: 1
securityvulns
added 2005/03/05 12:0 a.m. · 24 views

-==phpBB 2.0.13 Full path disclosure==-

Neo Security Team NST® - Advisory 09 - 03/03/05. Program: phpBB 2.0.13; Homepage: http://www.phpbb.com; Vulnerable Versions: phpBB 2.0.13 & Lower versions; Risk: Low Risk!!; Impact: Full...

AI score 7.2
Exploits: 0
securityvulns
added 2004/02/24 12:0 a.m. · 17 views

ezBoard Cross Site Scripting Vulnerability

Advisory Name: ezBoard Cross Site Scripting Vulnerability; Release Date: Feb 24, 2004; Application: ezBoard; Version Affected: 7.3u or lower?; Vendor URL: http://www.ezboard.com/; Discover: Cheng Peng Suapplesoupatmsn.com; Proof of Concept: This vuln is from font, ezBoard doesn't filter illegal characters...

AI score 6.7
Exploits: 0