2149 matches found
CVE-2025-9332 Interactive Medical Drawing of Human Body <= 2.6 - Authenticated (Admin+) Stored Cross-Site Scripting
The Interactive Human Anatomy with Clickable Body Parts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wi...
WordPress plugin Interactive Human Anatomy with Clickable Body Parts 跨站脚本漏洞
WordPress and the WordPress plugin are products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host personal blog sites on PHP and MySQL based...
PT-2025-40494
The Interactive Human Anatomy with Clickable Body Parts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, wi...
[SECURITY] Fedora 41 Update: mapserver-8.4.1-1.fc41
Mapserver is an internet mapping program that converts GIS data to map images in real time. With appropriate interface pages, Mapserver can provide an interactive internet map based on custom GIS data...
[SECURITY] Fedora 42 Update: mapserver-8.4.1-1.fc42
Mapserver is an internet mapping program that converts GIS data to map images in real time. With appropriate interface pages, Mapserver can provide an interactive internet map based on custom GIS data...
[SECURITY] Fedora 43 Update: mapserver-8.4.1-1.fc43
Mapserver is an internet mapping program that converts GIS data to map images in real time. With appropriate interface pages, Mapserver can provide an interactive internet map based on custom GIS data...
Computational Monogamy of Entanglement and Non-Interactive Quantum Key Distribution
Quantum key distribution QKD enables Alice and Bob to exchange a secret key over a public, untrusted quantum channel. Compared to classical key exchange, QKD achieves everlasting security: after the protocol execution the key is secure against adversaries that can do unbounded computations. On th...
MAVUL: Multi-Agent Vulnerability Detection Via Contextual Reasoning and Interactive Refinement
The widespread adoption of open-source software OSS necessitates the mitigation of vulnerability risks. Most vulnerability detection VD methods are limited by inadequate contextual understanding, restrictive single-round interactions, and coarse-grained evaluations, resulting in undesired model...
CVE-2025-57602
Insufficient hardening of the proxyuser account in the AiKaan IoT management platform, combined with the use of a shared, hardcoded SSH private key, allows remote attackers to authenticate to the cloud controller, gain interactive shell access, and pivot into other connected IoT devices. This can...
CVE-2025-4688
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in BGS Interactive SINAV.LINK Exam Result Module allows SQL Injection. This issue affects SINAV.LINK Exam Result Module: before 1.2...
CVE-2025-4688
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in BGS Interactive SINAV.LINK Exam Result Module allows SQL Injection. This issue affects SINAV.LINK Exam Result Module: before 1.2...
CVE-2025-4688
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in BGS Interactive SINAV.LINK Exam Result Module allows SQL Injection. This issue affects SINAV.LINK Exam Result Module: before 1.2...
CVE-2025-4688 SQLi in BGS Interactive's SINAV.LINK Exam Result Module
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in BGS Interactive SINAV.LINK Exam Result Module allows SQL Injection. This issue affects SINAV.LINK Exam Result Module: before 1.2...
CVE-2025-4688 SQLi in BGS Interactive's SINAV.LINK Exam Result Module
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in BGS Interactive SINAV.LINK Exam Result Module allows SQL Injection. This issue affects SINAV.LINK Exam Result Module: before 1.2...
BGS Interactive SINAV.LINK Exam Result Module SQL注入漏洞
BGS Interactive SINAV.LINK Exam Result Module is a system component of BGS Interactive that manages exam results. A SQL injection vulnerability exists in BGS Interactive SINAV.LINK Exam Result Module versions prior to 1.2, which stems from improper neutralization of a special element and could le...
Cyber Threat Hunting: Non-Parametric Mining of Attack Patterns from Cyber Threat Intelligence for Precise Threats Attribution
With the ever-changing landscape of cyber threats, identifying their origin has become paramount, surpassing the simple task of attack classification. Cyber threat attribution gives security analysts the insights they need to device effective threat mitigation strategies. Such strategies empower...
fimap
fimap is a Python tool designed to find, prepare, audit, exploit, and even automatically Google for local and remote file inclusion LFI/RFI bugs in web applications. It can identify and exploit file inclusion bugs, including include, includeonce, require, and requireonce functions. The tool has a...
CVE-2025-59046
The npm package interactive-git-checkout is an interactive command-line tool that allows users to checkout a git branch while it prompts for the branch name on the command-line. It is available as an npm package and can be installed via npm install -g interactive-git-checkout. Versions up to and...
Arbitrary Command Injection
Overview interactive-git-checkout is a CLI for simple branch switching Affected versions of this package are vulnerable to Arbitrary Command Injection due to using exec function without proper input validation or sanitization. An attacker can execute arbitrary system commands by supplying special...
GHSA-4WCM-7HJF-6XW5 interactive-git-checkout has a Command Injection vulnerability
The npm package interactive-git-checkout is an interactive command-line tool that allows users to checkout a git branch while it prompts for the branch name on the command-line. It is available as an npm package and can be installed via npm install -g interactive-git-checkout. Resources: Project'...