9 matches found
PT-2025-44799
Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 5.8.7 Description Nagios XI versions prior to 5.8.7, utilizing embedded Nagios Core, are susceptible to cross-site scripting XSS through the Core UI’s Views URL handling. Insufficient validation or escaping of...
Nagios XI 安全漏洞
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A security vulnerability exists in Nagios XI versions prior to 5.8.7 that stems from improperly set...
PT-2025-44480
Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 5.8.7 Description Nagios XI used a temporary directory for Highcharts exports with overly permissive ownership and permissions under the Apache user. This allowed local or co-hosted processes to read or overwrite...
WordPress plugin ProfileGrid 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress ProfileGrid – User Profiles, Groups and Communities plugin <= 5.8.7 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Manab Jyoti Dowarah Patchstack Alliance in WordPress Plugin ProfileGrid versions = 5.8.7...
PT-2023-24653 · Spring · Spring Security
Name of the Vulnerable Software and Affected Versions: Spring Security versions prior to 5.8.7 Spring Security versions prior to 6.0.7 Spring Security versions prior to 6.1.4 Spring Security versions prior to 6.2.0-M1 Description: The spring-security.xsd file inside the spring-security-config jar...
Nagios XI 跨站脚本漏洞
Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A security vulnerability exists in Nagios XI versions prior to v5.8.7, which stems from a discovery on...
PluXml 跨站脚本漏洞
PluXml is a content management system that does not require a database to work.A cross-site scripting vulnerability exists in PluXML version 5.8.7. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a payload in the thumbnail path of a blog post...
PluXml 跨站脚本漏洞
PluXml is a free and open source content management system that does not require a database to work. A cross-site scripting vulnerability exists in PluXML, which stems from a stored XSS vulnerability that the Article Editing feature of PluXML 5.8.7 allows to be implemented via headers or content...