5 matches found
CVE-2026-5247
This CVE concerns the WordPress plugin Schedule Post Changes With PublishPress Future. All versions up to 4.10.0 are affected by a Stored Cross-Site Scripting (XSS) vulnerability in the [futureaction] shortcode’s wrapper attribute. The root cause is insufficient input sanitization: esc...
MariaDB Server Security Vulnerability
MariaDB Server is an open-source relational database system developed by MariaDB. Vulnerabilities existed in versions prior to 11.4.10, as well as in versions 11.5.x to 11.8.x, up to 11.8.6, and 12.x up to 12.2.2. These vulnerabilities were due to a buffer overflow in the caching_sha2_password...
CVE-2026-30871 OpenWrt Project has Stack-based Buffer Overflow in DNS PTR Query
OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6 and 25.12.1, the mdns daemon has a Stack-based Buffer Overflow vulnerability in the parse_question function. The issue is triggered by PTR queries for reverse DNS domains .in-addr.arpa and .ip6.arp...
EUVD-2026-8883
SPIP versions prior to 4.4.10 contain an authentication bypass vulnerability caused by PHP type juggling that allows unauthenticated attackers to access protected information. Attackers can exploit loose type comparisons in authentication logic to bypass login verification and retrieve sensitive...
PT-2017-15203 · Cs Cart · Cs-Cart Japanese Edition +1
Name of the Vulnerable Software and Affected Versions: CS-Cart Japanese Edition versions 4.3.10 and earlier (excluding v2 and v3); CS-Cart Multivendor Japanese Edition versions 4.3.10 and earlier (excluding v2 and v3). Description: A cross-site request forgery (CSRF) issue allows remote attackers to hija...