Astra Linux - уязвимость в php7.3

In PHP versions 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8, various XML functions rely on the libxml global state to track configuration variables, such as whether external entities are loaded. This state is assumed to remain unchanged unless the user explicitly changes it by...

Astra Linux - уязвимость в php7.3

In PHP versions 8.0. before 8.0.30, 8.1. before 8.1.22, and 8.2. before 8.2.8, when loading PHAR files, insufficient length checking may lead to a stack buffer overflow, potentially causing memory corruption or Remote Code Execution RCE...

Astra Linux - уязвимость в php7.3

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23, and 7.4.x below 7.4.11, when AES-CCM mode is used with the opensslencrypt function and a 12-byte IV is provided, only the first 7 bytes of the IV are actually used. This can result in reduced security and incorrect encrypted data...

Astra Linux - уязвимость в php7.3

In PHP versions 7.3.x below 7.3.26, 7.4.x below 7.4.14, and 8.0.0, when validating URLs using functions like filtervar$url, FILTERVALIDATEURL, PHP will accept a URL with an invalid password as a valid URL. This may cause functions that rely on the validity of URLs to misinterpret the URL and...

CVE-2026-7522

The Advanced Database Cleaner – Premium plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 4.1.0 via the 'template' parameter. This makes it possible for authenticated attackers, with Subscriber-level access and above, to include and execute arbitrary .ph...

CVE-2026-7637

The Boost plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.0.3 via deserialization of untrusted input in the STYXKEY-BOOSTUSERLOCATION cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present i...

CVE-2026-7637

The Boost plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.0.3 via deserialization of untrusted input in the STYXKEY-BOOSTUSERLOCATION cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present i...

CVE-2026-8624

The CVE-2026-8624 entry concerns the WordPress plugin “LJ comments import: reloaded” up to version 0.97.1. It is vulnerable to Reflected Cross-Site Scripting via the PHP_SELF parameter due to insufficient input sanitization and output escaping, allowing unauthenticated attackers to inject arbitra...

CVE-2026-8624 LJ comments import: reloaded <= 0.97.1 - Reflected Cross-Site Scripting via PHP_SELF Parameter

The LJ comments import: reloaded plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PHPSELF Parameter in all versions up to, and including, 0.97.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVE-2026-8624 LJ comments import: reloaded <= 0.97.1 - Reflected Cross-Site Scripting via PHP_SELF Parameter

The LJ comments import: reloaded plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PHPSELF Parameter in all versions up to, and including, 0.97.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

PT-2026-42100

The Boost plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.0.3 via deserialization of untrusted input in the STYXKEY-BOOST USER LOCATION cookie. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present...

PT-2026-42250

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in single.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the ticket id GET parameter directly into an HTML attribute. Attackers can craft a...

PT-2026-42168

Name of the Vulnerable Software and Affected Versions Twig versions 2.16.x Twig versions 3.9.0 through 3.25.x Description A sandbox bypass exists when using a SourcePolicyInterface. This occurs because a runtime check fails to use the current template source, allowing attackers with template...

tickets 跨站脚本漏洞

Tickets is an open-source public safety scheduling and tracking application developed by Open ISES. Versions of Tickets prior to 3.44.2 contained a cross-site scripting vulnerability. This vulnerability stemmed from a reflection-based cross-site scripting vulnerability in routesnm.php, which coul...

PT-2026-42257

Open ISES Tickets before 3.44.2 contains a reflected cross-site scripting vulnerability in do unit mail.php that allows authenticated attackers to inject arbitrary JavaScript by passing an unsanitized value through the the ticket GET parameter directly into a JavaScript variable assignment...

CVE-2026-29963

HSC MailInspector 5.3.3-7 has a Path Traversal vulnerability due to improper validation of user-supplied input in the /tap/dw.php endpoint. The text parameter is used to construct file paths without adequate normalization or restriction to a safe base directory. A remote attacker can exploit this...

CVE-2026-42099

Sparx Pro Cloud Server is vulnerable to a Race Condition in the /dataapi/dlinternalartifact.php endpoint. The application downloads the properties of the object pointed by guid parameter and saves loaded content in current location DIR under the specified name. An attacker with repository access...

CVE-2026-42099 Race Condition in Sparx Pro Cloud Server

Sparx Pro Cloud Server is vulnerable to a Race Condition in the /dataapi/dlinternalartifact.php endpoint. The application downloads the properties of the object pointed by guid parameter and saves loaded content in current location DIR under the specified name. An attacker with repository access...

CVE-2026-46725

The extension passes an attacker-controlled cookie directly to PHP's unserialize without safely processing the input. A remote, unauthenticated attacker can supply a crafted serialized payload to trigger PHP Object Injection, leading to Remote Code Execution on the TYPO3 server. Exploitation...

CVE-2026-46725

The extension passes an attacker-controlled cookie directly to PHP's unserialize without safely processing the input. A remote, unauthenticated attacker can supply a crafted serialized payload to trigger PHP Object Injection, leading to Remote Code Execution on the TYPO3 server. Exploitation...