3 matches found
CVE-2026-31952
Xibo is an open source digital signage platform with a web content management system and Windows display player software. Versions 1.7 through 4.4.0 have an SQL injection vulnerability in the API routes inside the CMS responsible for Filtering DataSets. This allows an authenticated user to to...
CVE-2025-61922
PrestaShop Checkout (ps_checkout) vulnerability CVE-2025-61922 allows unauthenticated, zero-click account takeover by knowing the victim’s email. Affected versions are prior to 4.4.1 and 5.0.5; patches exist and fix is in 4.4.1 (for PrestaShop 1.7 and 8) and 5.0.5 (for 1.7, 8, and 9). Public expl...
CVE-2024-41818
A regular expression denial of service ReDoS flaw was found in fast-xml-parser in the currency.js script. By sending a specially crafted regex input, a remote attacker could cause a denial of service condition...