7 matches found
CVE-2026-44371
Open OnDemand (HPC portal) is affected prior to versions 4.0.11, 4.1.5, and 4.2.2. The issue allows specially crafted filenames to execute JavaScript in the file browser. The vulnerability is fixed in 4.0.11, 4.1.5, and 4.2.2. Impact is web/application-level, with JavaScript execution in the file...
CVE-2024-6667 kbucket < 4.1.5 - Reflected XSS
The KBucket: Your Curated Content in WordPress plugin before 4.1.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against admin...
CVE-2024-31280
Unrestricted Upload of File with Dangerous Type vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 4.1.5...
CVE-2023-24258
SPIP v4.1.5 and earlier was discovered to contain a SQL injection vulnerability via the oups parameter. This vulnerability allows attackers to execute arbitrary code via a crafted POST request...
CVE-2020-35168
Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability...
PT-2018-2622 · Apache +1 · Apache Openoffice +2
Name of the Vulnerable Software and Affected Versions: Apache Open Office versions 4.1.5 and earlier Description: The issue is related to an arithmetic overflow that occurs when loading a document with a smaller end line termination than the operating system uses. This defect can cause the softwa...
CVE-2018-9118
exports/download.php in the 99 Robots WP Background Takeover Advertisements plugin before 4.1.5 for WordPress has Directory Traversal via a .. in the filename parameter...