Lucene search

6654 matches found

Vulnrichment
added 2025/01/04 12:0 a.m. · 8 views

CVE-2025-22383

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity input validation issue exists in the Commerce B2B application, affecting the Contact Us functionality. This allows visitors to send e-mail messages that could contain unfiltered HTML markup in specific...

AI score: 4.6 · EPSS: 0.00419
Exploits: 0 · References: 1

Cvelist
added 2025/01/04 12:0 a.m. · 16 views

CVE-2025-22383

An issue was discovered in Optimizely Configured Commerce before 5.2.2408. A medium-severity input validation issue exists in the Commerce B2B application, affecting the Contact Us functionality. This allows visitors to send e-mail messages that could contain unfiltered HTML markup in specific...

EPSS: 0.00419
Exploits: 0 · References: 1

Positive Technologies
added 2025/01/04 12:0 a.m. · 3 views

PT-2025-4479 · Optimizely · Optimizely Configured Commerce

Name of the Vulnerable Software and Affected Versions: Optimizely Configured Commerce versions prior to 5.2.2408 Description: A medium-severity input validation issue exists in the Commerce B2B application, affecting the Contact Us functionality. This allows visitors to send e-mail messages that...

CVSS: 4.6 · AI score: 6.2 · EPSS: 0.00419
Exploits: 0 · References: 7

CVE
added 2025/01/04 12:0 a.m. · 59 views

CVE-2025-22383

CVE-2025-22383 affects Optimizely Configured Commerce prior to 5.2.2408. The issue is a medium-severity input validation flaw in the Commerce B2B Contact Us flow that could allow visitors to send emails containing unfiltered HTML markup in certain scenarios. Impact as stated is limited to this sc...

CVSS: 4.6 · AI score: 6.3 · EPSS: 0.00419
Exploits: 0 · References: 1 · Affected Software: 1

Fedora
added 2025/01/03 1:37 a.m. · 7 views

[SECURITY] Fedora 40 Update: libell-0.71-1.fc40

The Embedded Linux Library ELL provides core, low-level functionality for system daemons. It typically has no dependencies other than the Linux kernel, C standard library, and libdl for dynamic linking. While ELL is designed to be efficient and compact enough for use on embedded Linux platforms, ...

CVSS: 7.4 · AI score: 7.5 · EPSS: 0.00214
Exploits: 0

Cvelist
added 2025/01/02 2:15 p.m. · 20 views

CVE-2023-48739 WordPress Porto Theme Functionality plugin < 2.12.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Porto Theme Porto Theme - Functionality porto-functionality allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Porto Theme - Functionality: from n/a through 2.12.1...

CVSS: 5.3 · EPSS: 0.0021
Exploits: 0 · References: 1

Positive Technologies
added 2025/01/02 12:0 a.m. · 2 views

PT-2025-3188 · Unknown · Html Forms

Name of the Vulnerable Software and Affected Versions: HTML Forms versions n/a through 1.4.1 Description: The issue is related to improper neutralization of input during web page generation, which allows Reflected XSS. This means that an attacker can inject malicious code into the HTML Forms,...

CVSS: 7.1 · AI score: 9.3 · EPSS: 0.00265
Exploits: 0 · References: 7

CNNVD
added 2025/01/02 12:0 a.m. · 3 views

WordPress plugin Porto Theme - Functionality security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A security vulnerability i...

CVSS: 5.3 · AI score: 8.8 · EPSS: 0.0021
Exploits: 0 · References: 1

Positive Technologies
added 2025/01/02 12:0 a.m. · 3 views

PT-2025-1549 · Unknown · Porto Theme - Functionality

Name of the Vulnerable Software and Affected Versions: Porto Theme - Functionality versions prior to 2.12.1 Description: The issue is related to a missing authorization vulnerability in Porto Theme - Functionality, which allows exploiting incorrectly configured access control security levels...

CVSS: 5.3 · AI score: 9.5 · EPSS: 0.0021
Exploits: 0 · References: 5

Positive Technologies
added 2025/01/01 12:0 a.m. · 3 views

PT-2025-34630 · Libbiosig +1 · Libbiosig +1

Name of the Vulnerable Software and Affected Versions: libbiosig versions 3.9.0 and Master Branch 35a819fa Description: A heap-based buffer overflow exists in the MFER parsing functionality. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious fi...

CVSS: 9.8 · AI score: 7.2 · EPSS: 0.00479
Exploits: 1 · References: 9

NVD
added 2024/12/31 11:15 a.m. · 13 views

CVE-2024-56225

Missing Authorization vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Premium Addons for Elementor: from n/a through = 4.10.56...

CVSS: 8.8 · EPSS: 0.00282
Exploits: 0 · References: 1

Cvelist
added 2024/12/30 4:0 a.m. · 16 views

CVE-2024-13038 CodeAstro Simple Loan Management System Login index.php sql injection

A vulnerability was found in CodeAstro Simple Loan Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /index.php of the component Login. The manipulation of the argument email leads to sql injection. The attack can be...

CVSS: 7.5 · EPSS: 0.00093
Exploits: 1 · References: 5

OSV
added 2024/12/30 2:15 a.m. · 1 view

CVE-2024-13033

A vulnerability, which was classified as problematic, has been found in code-projects Chat System 1.0. Affected by this issue is some unknown functionality of the file /admin/chatroom.php. The manipulation of the argument id leads to cross site scripting. The attack may be launched remotely. The...

CVSS: 6.1 · AI score: 3.8
Exploits: 0 · References: 4

CVE
added 2024/12/29 9:31 a.m. · 50 views

CVE-2024-13008

CVE-2024-13008 affects code-projects’ Responsive Hotel Site version 1.0, specifically the function/file /admin/newsletter.php. The vulnerability arises from improper input validation of the eid parameter, enabling a SQL injection. Attacks can be launched remotely, and the exploit has been disclo...

CVSS: 9.8 · AI score: 6.8 · EPSS: 0.00126
Exploits: 1 · References: 6 · Affected Software: 1

OSV
added 2024/12/27 1:50 p.m. · 3 views

CVE-2024-53228 riscv: kvm: Fix out-of-bounds array access

In the Linux kernel, the following vulnerability has been resolved: riscv: kvm: Fix out-of-bounds array access. In kvm_riscv_vcpu_sbi_init() the entry->ext_idx can contain an out-of-bound index. This is used as a special marker for the base extensions, that cannot be disabled. However, when traversing the...

CVSS: 7.8 · AI score: 6.9 · EPSS: 0.00039
Exploits: 0 · References: 6

Vulnrichment
added 2024/12/27 12:0 a.m. · 11 views

CVE-2024-50944

Integer overflow vulnerability exists in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f in the shopping cart functionality. The issue lies in the quantity parameter in the CartController's AddToCart method...

AI score: 9.6 · EPSS: 0.037
Exploits: 0 · References: 4

Hacker One
added 2024/12/26 3:48 p.m. · 3 views

Cosmos: Making transfer v2 channel unupgradable through the forwarding

The transfer v2 channel can become unupgradable through the forwarding functionality. The forwarding process can create packet commitments on a legitimate channel, which cannot be deleted due to the lack of acknowledgments from a malicious channel. This results in the legitimate channel being...

AI score: 7
Exploits: 0

OSV
added 2024/12/26 3:15 a.m. · 1 view

CVE-2024-12932

A vulnerability was found in code-projects Simple Admin Panel 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file addSizeController.php. The manipulation of the argument size leads to cross site scripting. The attack can be launched...

CVSS: 4.6 · AI score: 3.7 · EPSS: 0.00169
Exploits: 0 · References: 5

Positive Technologies
added 2024/12/26 12:0 a.m. · 2 views

PT-2024-17825 · Unknown · 1000 Projects Portfolio Management System Mca

Name of the Vulnerable Software and Affected Versions: 1000 Projects Portfolio Management System MCA version 1.0 Description: A critical issue has been found in the 1000 Projects Portfolio Management System MCA, affecting some unknown functionality of the file /update pd process.php. The...

CVSS: 9.8 · AI score: 7.3 · EPSS: 0.00062
Exploits: 1 · References: 10

Tenable Nessus
added 2024/12/24 12:0 a.m. · 3 views

Dell Integrated Remote Access Controller (iDRAC) Hardware Detection

Binary data dellidracdevicedetect.nbin...

AI score: 7.3
Exploits: 0 · References: 1