25 matches found
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +190 more potentially affected by CVE-2026-2575 via org.keycloak:keycloak-services (>=10.0.0 <=26.5.3)
org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.4.11 - com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak =24.3.0.0 -...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +191 more potentially affected by CVE-2026-3429 via org.keycloak:keycloak-services (>=10.0.0 <=26.5.6)
org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.4.11 - com.github.wnameless.spring.boot.up:spring-boot-up-embedded-keycloak =24.3.0.0 -...
ch.iterial.keycloak.plugins:keycloak-directus-plugin (>=0.1.0 <=0.7.0), com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17) +170 more potentially affected by CVE-2025-8419 via org.keycloak:keycloak-services (>=10.0.0 <=26.2.5)
org.keycloak:keycloak-services MAVEN version =10.0.0, =0.1.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.0.1, =1.0.2 and more Source cves: CVE-2025-8419 Source advisory: OSV:GHSA-M4J5-5X4R-2XP9...
CVE-2021-24764
The Perfect Survey WordPress plugin before 1.5.2 does not sanitise and escape multiple parameters (id and filterssessionid of singlestatistics page, type and message of importexport page) before outputting them back in pages/attributes in the admin dashboard, leading to Reflected Cross-Site Scripti...
com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17), com.charlyghislain.keycloak:keycloak-importexport (>=11.0.1 <=23.0.1) +119 more potentially affected by CVE-2024-1722 via org.keycloak:keycloak-services (>=10.0.0 <=23.0.7)
org.keycloak:keycloak-services MAVEN version =10.0.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =4.0, =1.1.1, =0.3.0-20.0.1, =2.5.5-23.0 and more Source cves: CVE-2024-1722 Source advisory: OSV:GHSA-CQ42-VHV7-XR7P...
com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17), com.charlyghislain.keycloak:keycloak-importexport (>=11.0.1 <=23.0.1) +128 more potentially affected by CVE-2024-4540 via org.keycloak:keycloak-services (>=10.0.0 <=24.0.4)
org.keycloak:keycloak-services MAVEN version =10.0.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.0.1, =4.0, =4.17 and more Source cves: CVE-2024-4540 Source advisory: OSV:GHSA-69FP-7C8P-CRJR...
com.c4-soft.springaddons:keycloak-grants-mapper (>=3.1.13-jdk1.8 <=3.1.14-jdk17), com.charlyghislain.keycloak:keycloak-importexport (>=11.0.1 <=21.0.0) +114 more potentially affected by CVE-2023-6484 via org.keycloak:keycloak-services (>=10.0.0 <=22.0.5)
org.keycloak:keycloak-services MAVEN version =10.0.0, =3.1.13-jdk1.8, =11.0.1, =1.2.6, =1.2.5, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =1.2.4, =4.0, =1.1.1, =0.3.0-20.0.1, =1.3.2-22.0.1 and more Source cves: CVE-2023-6484 Source advisory: OSV:GHSA-J628-Q885-8GR5...
Baizhuo Network Smart s200 Management Platform Security Vulnerability
Baizhuo Network Smart s200 Management Platform is a network management platform from Baizhuo, China. A security vulnerability exists in Baizhuo Network Smart s200 Management Platform v.S200, which originates from a SQL injection vulnerability in the /importexport.php component...
PT-2023-32847 · Byzoro +1 · Byzoro S210 +1
Name of the Vulnerable Software and Affected Versions: Byzoro S210 up to 20231210 Beijing Baichuo S210 up to 20231210 Description: A critical issue has been discovered, affecting an unknown function of the file /importexport.php. The manipulation of the sql argument leads to injection. This issue...
Baizhuo S210 Injection Vulnerability
Baizhuo S210 is an Internet Behavior Management (IBM) device from Baizhuo. Baizhuo S210 20231210 and earlier versions have an injection vulnerability that originates from a code injection vulnerability in the file /importexport.php...
FireBear Improved Import And Export 3.8.6 XSLT Server Side Injection Exploit
FireBear Improved Import and Export version 3.8.6 for Magento 2.4.6 suffers from an XSLT server-side injection vulnerability that allows for command execution. Exploit Title: FireBear Improved Import & Export ver. 3.8.6 for Magento 2.4.6 - XSLT Server Side Injection Command Execution Exploit...
PT-2023-32260 · Beijing Baichuo +1 · Beijing Baichuo Smart S85F Management Platform +1
Name of the Vulnerable Software and Affected Versions: Byzoro Smart S85F Management Platform versions up to 20231012 Beijing Baichuo Smart S85F Management Platform versions up to 20231012 Description: A critical issue has been found, affecting an unknown functionality of the file /importexport.ph...
CVE-2023-5152
UNSUPPORTED WHEN ASSIGNED: A vulnerability, which was classified as critical, has been found in D-Link DAR-7000 and DAR-8000 up to 20151231. Affected by this issue is some unknown functionality of the file /importexport.php. The manipulation of the argument sql leads to sql injection. The attack m...
D-Link DAR-7000 SQL Injection Vulnerability
D-Link DAR-7000 is an Internet behavior auditing gateway from China Youxun D-Link. SQL injection vulnerability exists in D-Link DAR-7000 20151231 and earlier versions, which originates from a SQL injection vulnerability in the parameter sql of the file /importexport...
PT-2023-5601 · D Link · D-Link Dar-8000 +1
Name of the Vulnerable Software and Affected Versions: D-Link DAR-7000 and DAR-8000 versions up to 20151231 Description: A critical issue has been found in the /importexport.php file, where the manipulation of the sql argument leads to sql injection. This allows an attacker to execute arbitrary...
CVE-2023-4873
A vulnerability, which was classified as critical, was found in Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230906. Affected is an unknown function of the file /importexport.php. The manipulation of the argument sql leads to os command injection. It is...
Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform Operating System Command Injection Vulnerability
Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform is a Multi-Service Secure Gateway Intelligent Management Platform from Beijing Baichuo, China. The Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform suffers from an...
PT-2023-30927 · Byzoro +1 · Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform +1
Name of the Vulnerable Software and Affected Versions: Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform versions up to 20230906 Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform versions up to 20230906 Description: A critical iss...
CVE-2023-4745
A vulnerability was found in Byzoro Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230822. It has been rated as critical. Affected by this issue is some unknown functionality of the file /importexport.php. The manipulation leads to sql injection. The attack may be...
Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform SQL Injection Vulnerability
Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform is a Multi-Service Secure Gateway Intelligent Management Platform from Beijing Baichuo, China. Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform suffers from a SQL injecti...