1477 matches found
WordPress CSV to SortTable plugin cross-site scripting vulnerability
WordPress CSV to SortTable plugin is WordPress plugin for converting CSV files to interactive sorting tables. The WordPress CSV to SortTable plugin suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data,...
Student Record System admin-profile.php file cross-site scripting vulnerability
Student Record System is a software application. Student Record System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the adminname and aemailid parameters of admin-profile.php, which can be exploited to...
EUVD-2025-50782
ktg-mes before commit a484f96 2025-07-03 has a fastjson deserialization vulnerability. This is because it uses a vulnerable version of fastjson and deserializes unsafe input data...
CVE-2025-63617
ktg-mes before commit a484f96 2025-07-03 has a fastjson deserialization vulnerability. This is because it uses a vulnerable version of fastjson and deserializes unsafe input data...
CVE-2025-63617
ktg-mes before commit a484f96 2025-07-03 has a fastjson deserialization vulnerability. This is because it uses a vulnerable version of fastjson and deserializes unsafe input data...
ktg-mes 安全漏洞
ktg-mes Bitter Candy MES is a production execution management system by the individual developer kutangguo. A security vulnerability exists in ktg-mes due to the use of a vulnerable version of fastjson and deserialization of insecure input data...
CVE-2025-63617
ktg-mes before commit a484f96 2025-07-03 has a fastjson deserialization vulnerability. This is because it uses a vulnerable version of fastjson and deserializes unsafe input data...
WordPress plugin Saphali LiqPay for donate 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
CVE-2025-47365
Memory corruption while processing large input data from a remote source via a communication interface...
CVE-2025-47365
Memory corruption while processing large input data from a remote source via a communication interface...
CVE-2025-47365 Integer Overflow or Wraparound in Automotive Platform
Memory corruption while processing large input data from a remote source via a communication interface...
CVE-2025-47365
CVE-2025-47365 concerns a memory corruption issue in Qualcomm Chipsets/Automotive Platform caused by processing large input data received from a remote source over a communication interface. The root cause is described as an integer overflow or wraparound in the affected data handling. Impact is ...
Qualcomm Chipsets 输入验证错误漏洞
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. An input validation error vulnerability exists in Qualcomm Chipsets, which arises from a memory corruption when processing large input data from a communication interface from a remote source...
ROS-20251028-01
A vulnerability in the Webmin hosting control panel CGI request handler is associated with errors in processing input data. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code with root privileges...
openSUSE Security Advisory (SUSE-SU-2025:03624-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2025-8887
Authorization Bypass Through User-Controlled Key, Missing Authorization, Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Usta Information Systems Inc. Aybs Interaktif allows Forceful Browsing, Parameter Injection, Input Data Manipulation.This issue affects Aybs...
CVE-2025-8887
Authorization Bypass Through User-Controlled Key, Missing Authorization, Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Usta Information Systems Inc. Aybs Interaktif allows Forceful Browsing, Parameter Injection, Input Data Manipulation. This issue affects Aybs...
CVE-2025-8887 IDOR in Usta Information Systems' Aybs Interaktif
Authorization Bypass Through User-Controlled Key, Missing Authorization, Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Usta Information Systems Inc. Aybs Interaktif allows Forceful Browsing, Parameter Injection, Input Data Manipulation. This issue affects Aybs...
CVE-2025-8887
The CVE-2025-8887 issue concerns Usta Information Systems Inc. Aybs Interaktif. Affects Aybs Interaktif versions from 2024 through 28082025 and arises from an authorization bypass via user-controlled keys, leading to missing authorization and exposure of sensitive information to an unauthorized a...
CVE-2025-8887 IDOR in Usta Information Systems' Aybs Interaktif
Authorization Bypass Through User-Controlled Key, Missing Authorization, Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Usta Information Systems Inc. Aybs Interaktif allows Forceful Browsing, Parameter Injection, Input Data Manipulation. This issue affects Aybs...