CVE-2018-25180

Maitra 1.7.2 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code via the mailid parameter in the outmail and inmail modules. The same flaw enables attackers to download the SQLite database file directly from the ...

CVE-2018-25180 Maitra 1.7.2 SQL Injection and Database File Download

Maitra 1.7.2 contains an sql injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the mailid parameter in outmail and inmail modules. Attackers can also download the SQLite database file directly from the application...

CVE-2018-25180 Maitra 1.7.2 SQL Injection and Database File Download

Maitra 1.7.2 contains an sql injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the mailid parameter in outmail and inmail modules. Attackers can also download the SQLite database file directly from the application...

BIT-ACTIVEMQ-2025-66168 Apache ActiveMQ, Apache ActiveMQ All Module, Apache ActiveMQ MQTT Module: MQTT control packet remaining length field is not properly validated

WARNING: Users of 6.x should upgrade to 6.2.4 or later as the fix was missed in previous 6.x releases. See the following for more details: https://activemq.apache.org/security-advisories.data/CVE-2026-40046-announcement.txt https://vulners.com/cve/CVE-2026-40046 Original Report: Apache ActiveMQ...

CVE-2026-28538

Path traversal vulnerability in the certificate management module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-28552

Out-of-bounds write vulnerability in the IMS module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-29052

The Calendar module for HumHub enables users to create one-time or recurring events, manage attendee invitations, and efficiently track all scheduled activities. Prior to version 1.8.11, a Stored Cross-Site Scripting XSS vulnerability in the Event Types of the HumHub Calendar module impacts users...

CVE-2026-28550

Race condition vulnerability in the security control module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-28544

Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-28545

Race condition vulnerability in the printing module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2026-28537

Double free vulnerability in the window module. Impact: Successful exploitation of this vulnerability may affect availability...

[SECURITY] Fedora 42 Update: opensips-3.5.9-2.fc42

OpenSIPS or Open SIP Server is a very fast and flexible SIP RFC3261 proxy server. Written entirely in C, opensips can handle thousands calls per second even on low-budget hardware. A C Shell like scripting language provides full control over the server's behaviour. It's modular architecture allow...

Salzer Maitra SQL注入漏洞

Salzer Maitra is a business management software platform developed by the American company Salzer. Version 1.7.2 of Salzer Maitra contains a SQL injection vulnerability. This vulnerability stems from the mailid parameter in the outmail and inmail modules, which allows for SQL injections...

Linux Distros Unpatched Vulnerability : CVE-2025-40931

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache::Session::Generate::MD5 versions through 1.94 for Perl create insecure session id. Apache::Session::Generate::MD5 generates session ids insecurely. The...

RHEL 8 : kpatch-patch-4_18_0-372_131_1, kpatch-patch-4_18_0-372_137_1, kpatch-patch-4_18_0-372_145_1, kpatch-patch-4_18_0-372_158_1, and kpatch-patch-4_18_0-372_170_1 (RHSA-2026:3866)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3866 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch module i...

PT-2026-23692

Maitra 1.7.2 contains an sql injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the mailid parameter in outmail and inmail modules. Attackers can also download the SQLite database file directly from the application...

CVE-2026-28456

OpenClaw versions 2026.1.5 prior to 2026.2.14 contain a vulnerability in the Gateway in which it does not sufficiently constrain configured hook module paths before passing them to dynamic import, allowing code execution. An attacker with gateway configuration modification access can load and...

CVE-2026-28393

OpenClaw versions 2.0.0-beta3 prior to 2026.2.14 contain a path traversal vulnerability in hook transform module loading that allows arbitrary JavaScript execution. The hooks.mappings.transform.module parameter accepts absolute paths and traversal sequences, enabling attackers with configuration...

CVE-2026-28393

OpenClaw versions 2.0.0-beta3 prior to 2026.2.14 contain a path traversal vulnerability in hook transform module loading that allows arbitrary JavaScript execution. The hooks.mappings.transform.module parameter accepts absolute paths and traversal sequences, enabling attackers with configuration...

CVE-2026-28456

OpenClaw in Gateway has a path handling flaw: configurations may pass unconstrained hook module paths to dynamic import(), enabling local module execution in the Node.js process. Affects OpenClaw 2026.1.5 prior to 2026.2.14. Exploitation requires gateway config modification access. Impact: high o...