SQL Injection

Overview Affected versions of this package are vulnerable to SQL Injection in the processinsertquery function in the PostgresDB class. An attacker who can control the tablename used in a query, which is passed to the seqname argument without escaping, can cause SQL to be executed. Remediation The...

WordPress WP Headers And Footers plugin <= 3.1.1 - Cross-Site Request Forgery to Arbitrary Options Update vulnerability

Cross-Site Request Forgery to Arbitrary Options Update vulnerability discovered by Carlos Ferreira in WordPress Plugin Insert Headers And Footers versions = 3.1.1...

SilverStripe 5.3.8 - Stored Cross Site Scripting (XSS) (Authenticated)

Exploit Title: SilverStripe 5.3.8 - Stored Cross Site Scripting XSS Authenticated Date: 2025-01-15 Exploit Author: James Nicoll Vendor Homepage: https://www.silverstripe.org/ Software Link: https://www.silverstripe.org/download/ Category: Web Application Version: 5.2.22 Tested on: SilverStripe...

PT-2025-18404

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.12.0-rc6-syzkaller-00318-ga9cda7c0ffed Description A use-after-free issue was detected in the ext4 insert dentry function due to out-of-bounds access caused by incorrect splitting in do split. This issue can le...

CVE-2025-31379

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in programphases Insert HTML Here insert-html-here allows Reflected XSS.This issue affects Insert HTML Here: from n/a through = 1.0...

CVE-2025-31379

CVE-2025-31379 : Reflected XSS in WordPress plugin "Insert HTML Here" (

CVE-2025-31379 WordPress Insert HTML Here plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in programphases Insert HTML Here allows Reflected XSS. This issue affects Insert HTML Here: from n/a through 1.0...

CVE-2025-31379 WordPress Insert HTML Here plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in programphases Insert HTML Here insert-html-here allows Reflected XSS.This issue affects Insert HTML Here: from n/a through = 1.0...

PT-2025-28989

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: In the Linux kernel, a flaw exists within the btrfs subsystem, specifically in the btrfs convert extent bit function. If the insert state function fails, it returns an error pointer...

SUSE CVE-2025-21959

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: Fully initialize struct nfconncounttuple in inserttree Since commit b36e4523d4d5 "netfilter: nfconncount: fix garbage collection confirm race", cpu and jiffies32 were introduced to the struct...

CVE-2025-2779 Insert Headers and Footers Code – HT Script <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update

The Insert Headers and Footers Code – HT Script plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxdismiss function in all versions up to, and including, 1.1.2. This makes it possible for authenticated attackers, with...

CVE-2025-2779 Insert Headers and Footers Code – HT Script <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) Limited Options Update

The Insert Headers and Footers Code – HT Script plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxdismiss function in all versions up to, and including, 1.1.2. This makes it possible for authenticated attackers, with...

AZL-60297 CVE-2025-21959 affecting package kernel for versions less than 5.15.180.1-1

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: Fully initialize struct nfconncounttuple in inserttree Since commit b36e4523d4d5 "netfilter: nfconncount: fix garbage collection confirm race", cpu and jiffies32 were introduced to the struct...

AZL-60273 CVE-2025-21959 affecting package kernel for versions less than 6.6.85.1-2

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: Fully initialize struct nfconncounttuple in inserttree Since commit b36e4523d4d5 "netfilter: nfconncount: fix garbage collection confirm race", cpu and jiffies32 were introduced to the struct...

DEBIAN-CVE-2025-21959

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: Fully initialize struct nfconncounttuple in inserttree Since commit b36e4523d4d5 "netfilter: nfconncount: fix garbage collection confirm race", cpu and jiffies32 were introduced to the struct...

UBUNTU-CVE-2025-21959

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: Fully initialize struct nfconncounttuple in inserttree Since commit b36e4523d4d5 "netfilter: nfconncount: fix garbage collection confirm race", cpu and jiffies32 were introduced to the struct...

CVE-2025-2700

A vulnerability classified as problematic has been found in michelson Dante Editor up to 0.4.4. This affects an unknown part of the component Insert Link Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVE-2025-2700 michelson Dante Editor Insert Link cross site scripting

A vulnerability classified as problematic has been found in michelson Dante Editor up to 0.4.4. This affects an unknown part of the component Insert Link Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVE-2025-2419

A vulnerability classified as critical has been found in code-projects Real Estate Property Management System 1.0. Affected is an unknown function of the file /InsertFeedback.php. The manipulation of the argument txtName/txtEmail/txtMobile/txtFeedback leads to sql injection. It is possible to...

CVE-2025-28932

Cross-Site Request Forgery CSRF vulnerability in BCS Website Solutions Insert Code insert-code allows Stored XSS.This issue affects Insert Code: from n/a through = 2.4...