285 matches found
WordPress Next Event Calendar plugin <= 1.2 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Nguyen Ngoc Quang Bach maysbachs in WordPress Plugin Next Event Calendar versions = 1.2...
WordPress Simple Membership plugin <= 4.6.3 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by bintable in WordPress Plugin Simple Membership versions = 4.6.3...
PT-2025-23954 · Unknown · Campcodes Online Teacher Record Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Online Teacher Record Management System version 1.0 Description: A critical issue has been found, affecting an unknown part of the file /trms/admin/bwdates-reports-details.php. The manipulation of the fromdate and todate arguments...
Security Bulletin: There are multiple vulnerabilities that can affect IBM Fusion
Summary Multiple vulnerabilities affecting IBM Fusion could have resulted in reduced security. These issues have since been resolved. CVE-2024-6783, CVE-2024-9880, CVE-2024-51744, CVE-2024-47764, CVE-2024-9506, CVE-2024-45338, CVE-2025-25193, CVE-2024-21538, CVE-2025-27152, CVE-2024-47535,...
PT-2025-23343 · Campcodes · Campcodes Online Hospital Management System
Name of the Vulnerable Software and Affected Versions: Campcodes Online Hospital Management System version 1.0 Description: A critical issue has been found in the system, affecting the processing of the file /contact.php. The manipulation of the fullname argument leads to SQL injection. The attac...
WordPress Verge3D plugin <= 4.9.3 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Hiro Code016Hiro in WordPress Plugin Verge3D versions = 4.9.3...
PT-2025-22938 · Sourcecodester · Sourcecodester Hospital Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Hospital Management System version 1.0 Description: A critical issue was found in the system, affecting the file /admin/check availability.php. The manipulation of the emailid argument leads to SQL injection. This issue...
CVE-2025-48283
CVE-2025-48283 concerns the Majestic Support WordPress plugin (versions
CVE-2024-23268
An injection issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventura 13.6.5. An app may be able to elevate privileges...
CVE-2024-44168
A library injection issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15, macOS Sonoma 14.7, macOS Ventura 13.7. An app may be able to modify protected parts of the file system...
CVE-2024-8367
A vulnerability was found in HM Courts & Tribunals Service Probate Back Office up to c1afe0cdb2b2766d9e24872c4e827f8b82a6cd31. It has been classified as problematic. Affected is an unknown function of the file src/main/java/uk/gov/hmcts/probate/service/NotificationService.java of the component...
CVE-2023-38609
An injection issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.5. An app may be able to bypass certain Privacy preferences...
CVE-2023-33967
EaseProbe is a tool that can do health/status checking. An SQL injection issue was discovered in EaseProbe before 2.1.0 when using MySQL/PostgreSQL data checking. This problem has been fixed in v2.1.0...
CVE-2022-42797
An injection issue was addressed with improved input validation. This issue is fixed in Xcode 14.1. An app may be able to gain root privileges...
CVE-2021-32644
Ampache is an open source web based audio/video streaming application and file manager. Due to a lack of input filtering versions 4.x.y are vulnerable to code injection in random.php. The attack requires user authentication to access the random.php page unless the site is running in demo mode. Th...
CVE-2021-24862
The RegistrationMagic WordPress plugin before 5.0.1.6 does not escape user input in its rmchronosajax AJAX action before using it in a SQL statement when duplicating tasks in batches, which could lead to a SQL injection issue...
CVE-2021-30777
An injection issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.5, Security Update 2021-004 Catalina, Security Update 2021-005 Mojave. A malicious application may be able to gain root privileges...
CVE-2021-26711
A frame-injection issue in the online help in Redwood Report2Web 4.3.4.5 allows remote attackers to render an external resource inside a frame via the help/OnlineHelp/NetHelp/default.htm turl parameter...
CVE-2020-3884
An injection issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. A remote attacker may be able to cause arbitrary javascript code execution...
CVE-2019-17647
An issue was discovered in Centreon before 2.8.30, 18.10.8, 19.04.5, and 19.10.2. SQL Injection exists via the include/monitoring/status/Hosts/xml/hostXML.php instance parameter...