55 matches found
PrestaShop AP Pagebuilder <= 2.4.4 - SQL Injection
A SQL injection vulnerability in the productalloneimg and imageproduct parameters of the ApolloTheme AP PageBuilder component through 2.4.4 for PrestaShop allows unauthenticated attackers to exfiltrate database data. id: CVE-2022-22897 info: name: PrestaShop AP Pagebuilder = 2.4.4 - SQL Injection...
CVE-2026-39292
Falco Solutions PHPPageBuilder v0.31.0 contains an unrestricted file upload vulnerability in the pagemanager/pagebuilder module that allows remote attackers to upload arbitrary files and achieve remote code execution. The vulnerability exists due to insufficient validation of uploaded file types...
EUVD-2026-33329
Falco Solutions PHPPageBuilder v0.31.0 contains an unrestricted file upload vulnerability in the pagemanager/pagebuilder module that allows remote attackers to upload arbitrary files and achieve remote code execution. The vulnerability exists due to insufficient validation of uploaded file types...
CVE-2026-39292
Summary: Falco Solutions PHPPageBuilder v0.31.0 contains an unrestricted file upload vulnerability in the pagemanager/pagebuilder module, allowing remote attackers to upload arbitrary files and achieve remote code execution. Root cause: insufficient validation of uploaded file types and executabl...
CVE-2026-39292
Falco Solutions PHPPageBuilder v0.31.0 contains an unrestricted file upload vulnerability in the pagemanager/pagebuilder module that allows remote attackers to upload arbitrary files and achieve remote code execution. The vulnerability exists due to insufficient validation of uploaded file types...
PHPagebuilder 安全漏洞
PHPagebuilder is a drag-and-drop page building tool developed by Hans Schouten. It is used to quickly create and manage websites. Version PHPagebuilder v0.31.0 contains a security vulnerability. This vulnerability stems from an unlimited file upload vulnerability in the pagmanager/pagebuilder...
CVE-2026-39292
Falco Solutions PHPPageBuilder v0.31.0 contains an unrestricted file upload vulnerability in the pagemanager/pagebuilder module that allows remote attackers to upload arbitrary files and achieve remote code execution. The vulnerability exists due to insufficient validation of uploaded file types...
CVE-2026-39292
Falco Solutions PHPPageBuilder v0.31.0 contains an unrestricted file upload vulnerability in the pagemanager/pagebuilder module that allows remote attackers to upload arbitrary files and achieve remote code execution. The vulnerability exists due to insufficient validation of uploaded file types...
PT-2026-44858
Falco Solutions PHPPageBuilder v0.31.0 contains an unrestricted file upload vulnerability in the pagemanager/pagebuilder module that allows remote attackers to upload arbitrary files and achieve remote code execution. The vulnerability exists due to insufficient validation of uploaded file types...
CVE-2024-34573
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Pootlepress Pootle Pagebuilder – WordPress Page builder allows Stored XSS.This issue affects Pootle Pagebuilder – WordPress Page builder: from n/a through 5.7.1...
EUVD-2025-37432
The kallyas theme for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.24.0 via the THPhpCode pagebuilder widget. This is due to the theme not restricting access to the code editor widget for non-administrators. This makes it possible for authenticated...
CVE-2025-6990
The kallyas theme for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.24.0 via the THPhpCode pagebuilder widget. This is due to the theme not restricting access to the code editor widget for non-administrators. This makes it possible for authenticated...
EUVD-2022-5394
Malicious code in bioql PyPI...
EUVD-2022-47827
Malicious code in bioql PyPI...
EUVD-2024-34876
Malicious code in bioql PyPI...
CVE-2022-44897
A cross-site scripting XSS vulnerability in ApolloTheme AP PageBuilder component through 2.4.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the shownumber parameter...
CVE-2022-22897
A SQL injection vulnerability in the productalloneimg and imageproduct parameters of the ApolloTheme AP PageBuilder component through 2.4.4 for PrestaShop allows unauthenticated attackers to exfiltrate database data...
CVE-2019-8144
A remote code execution vulnerability exists in Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An unauthenticated user can insert a malicious payload through PageBuilder template methods...
VulnCheck KEV: CVE-2022-22897
A SQL injection vulnerability in the productalloneimg and imageproduct parameters of the ApolloTheme AP PageBuilder component through 2.4.4 for PrestaShop allows unauthenticated attackers to exfiltrate database data...
Pootle Pagebuilder – WordPress Page builder <= 5.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
Description The Pootle Pagebuilder – WordPress Page builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 5.7.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...