124 matches found
flow-core-x 代码问题漏洞
flow-core-x is a simple and powerful continuous integration and deployment server open source from flow.ci. Versions of flow-core-x 1.23.01 and earlier have code vulnerabilities. These vulnerabilities stem from a flaw in the Save function in the ConfigServiceImpl.java file within the SMTP Host...
CVE-2025-13778
Missing authentication for critical function vulnerability in ABB AWIN GW100 rev.2, ABB AWIN GW120.This issue affects AWIN GW100 rev.2: 2.0-0, 2.0-1; AWIN GW120: 1.2-0, 1.2-1...
CVE-2026-3743
A flaw has been found in YiFang CMS 2.0.5. This affects the function update of the file app/db/admin/DsinglePageGroup.php. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published and may be used...
CVE-2026-3743
A flaw has been found in YiFang CMS 2.0.5. This affects the function update of the file app/db/admin/DsinglePageGroup.php. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published and may be used...
CVE-2026-27754
SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 use the cryptographically broken MD5 hash function for session cookie generation, weakening session security. Attackers can exploit predictable session tokens combined with MD5's collision vulnerabilities to forge valid session cookies an...
PSI Probe 代码问题漏洞
PSI Probe is an open-source monitoring and management tool for Tomcat developed by Psi-Probe. Versions of PSI Probe 5.3.0 and earlier contained code vulnerabilities. These vulnerabilities stemmed from operations on the lookup function in the psi-probe-core/src/main/java/psiprobe/tools/Whois.java...
CVE-2026-2972
A vulnerability was determined in a466350665 Smart-SSO up to 2.1.1. This affects the function Save of the file smart-sso-server/src/main/java/openjoe/smart/sso/server/controller/admin/UserController.java of the component Role Edit Page. Executing a manipulation can lead to cross site scripting. T...
CVE-2026-2933
A weakness has been identified in YiFang CMS up to 2.0.5. This affects the function update of the file app/db/admin/DadManage.php of the component Extended Management Module. Executing a manipulation of the argument Name can lead to cross site scripting. The attack may be performed from remote. T...
CVE-2026-2932 YiFang CMS Extended Management D_adPosition.php update cross site scripting
A security flaw has been discovered in YiFang CMS up to 2.0.5. The impacted element is the function update of the file app/db/admin/DadPosition.php of the component Extended Management Module. Performing a manipulation of the argument name/index results in cross site scripting. The attack is...
CVE-2026-2558
A flaw has been found in GeekAI up to 4.2.4. The affected element is the function Download of the file api/handler/nethandler.go. This manipulation of the argument url causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has been published and may be used...
CVE-2026-1142 PHPGurukul News Portal cross-site request forgery
A security flaw has been discovered in PHPGurukul News Portal 1.0. The impacted element is an unknown function. Performing a manipulation results in cross-site request forgery. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks...
PT-2025-52868
Name of the Vulnerable Software and Affected Versions Print Invoice & Delivery Notes for WooCommerce versions up to and including 5.8.0 Description The Print Invoice & Delivery Notes for WooCommerce plugin for WordPress is susceptible to Remote Code Execution due to a missing capability check...
EUVD-2025-199935
A security flaw has been discovered in Qualitor 8.20/8.24. Affected by this vulnerability is the function eval of the file /html/st/stdeslocamento/request/getResumo.php. Performing manipulation of the argument passageiros results in code injection. Remote exploitation of the attack is possible. T...
Agnitum Outpost Security Suite 安全漏洞
Agnitum Outpost Security Suite is an Internet security suite from the Russian company Agnitum. A security vulnerability exists in Agnitum Outpost Security Suite versions 7.5.3 and 7.6, which stems from a flaw in the lock function that could allow a local attacker to execute arbitrary code...
PT-2025-44058
Name of the Vulnerable Software and Affected Versions Willow CMS versions prior to 1.4.1 Description A flaw exists in Willow CMS that allows for unrestricted file uploads. This issue is present in a file located at /admin/images/add and involves an unknown function. Remote attackers can exploit...
Rockwell Automation FactoryTalk Linx 安全漏洞
Rockwell Automation FactoryTalk Linx is a suite of industrial communication solutions from Rockwell Automation USA. The product is primarily used to communicate between small applications and large automation systems, among others. A security vulnerability exists in Rockwell Automation FactoryTal...
CVE-2025-11583 code-projects Online Job Search Engine postjob.php sql injection
A flaw has been found in code-projects Online Job Search Engine 1.0. Impacted is an unknown function of the file /postjob.php. Executing manipulation of the argument txtjobID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...
EUVD-2019-2175
Malware in sbrugna...
EUVD-2024-16682
Malicious code in bioql PyPI...
EUVD-2025-18242
Malicious code in bioql PyPI...