12 matches found
CVE-2026-35240 affecting package mysql for versions less than 8.0.46-1
CVE-2026-35240 affecting package mysql for versions less than 8.0.46-1. An upgraded version of the package is available that resolves this issue...
CVE-2025-39703 affecting package kernel for versions less than 5.15.200.1-1
CVE-2025-39703 affecting package kernel for versions less than 5.15.200.1-1. An upgraded version of the package is available that resolves this issue...
Ethercreative Logs 3.0.3 - Path Traversal
Exploit Title: Ethercreative Logs 3.0.3 - Path Traversal | Date: 2022.01.26 | Exploit Author: Steffen Rogge, SC | Vendor Homepage: https://github.com/ethercreative/logs | Software Link: https://plugins.craftcms.com/logs | Version: =3.0.4 | impact: Medium | found: 2021-07-06 | SEC Consult Vulnerability Lab An...
PT-2024-25549 · Macho Themes · Machothemes Cpo Companion
Name of the Vulnerable Software and Affected Versions: MachoThemes CPO Companion versions 1.1.0 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker ca...
PT-2021-10741 · Unknown · Phpgurukul Hospital Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Hospital Management System in PHP version 4.0 Description: The issue allows remote unauthenticated users to exploit it and obtain user sensitive information due to a sensitive information disclosure vulnerability in multiple areas...
Path Traversal
Overview: browserless-chrome is a web-service that allows for remote clients to connect, drive, and execute headless work; all inside of docker. It offers first-class integrations for puppeteer, playwright, selenium's webdriver, and a slew of handy REST APIs for doing more common work. Affected...
PT-2017-12941
Name of the Vulnerable Software and Affected Versions: Android versions 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0 Description: The issue is related to an elevation of privilege vulnerability in the Android system, specifically in the art component. This could potentially allow for unauthorized acce...
REDDOXX Appliance Undocumented Administrative Service Account Vulnerability
Exploit for jsp platform in category web applications. Undocumented Administrative Service Account in REDDOXX Appliance: RedTeam Pentesting discovered an undocumented service account in the REDDOXX appliance software, which allows attackers to access the administrative interface of the appliance an...
eGroupWare 1.0 - 'index.php?cats_app' SQL Injection
source: https://www.securityfocus.com/bid/13212/info eGroupWare is prone to multiple input validation vulnerabilities. A fixed version is available. The issues arise due to a failure of the application to properly validate user-supplied input. These issues result in cross-site scripting and SQL...
eGroupWare 1.0 - ttsindex.php?filter SQL Injection
eGroupWare 1.0 - ttsindex.php?filter SQL Injection source: https://www.securityfocus.com/bid/13212/info eGroupWare is prone to multiple input validation vulnerabilities. A fixed version is available. The issues arise due to a failure of the application to properly validate user-supplied input...
eGroupWare 1.0 - index.php?cats_app SQL Injection
eGroupWare 1.0 - index.php?cats_app SQL Injection source: https://www.securityfocus.com/bid/13212/info eGroupWare is prone to multiple input validation vulnerabilities. A fixed version is available. The issues arise due to a failure of the application to properly validate user-supplied input. Thes...
Perception LiteServe MS-DOS filename vulnerability
Perception LiteServe (http://www.cmfperception.com/liteserve.html) is a Web, FTP and e-Mail server for Win. When GET requests are made to LiteServe's webserver with the name of the cgi-bin directory as an MS-DOS directory name, e.g. cgi-shizznitch=CGI-SH1 and cgi-bin=CGI-BIN, LiteServe will read the...