49 matches found

RedhatCVE
added 2026/05/16 1:57 a.m. | 7 views

CVE-2026-45375

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, SiYuan's Bazaar community marketplace renders the name and version fields of a package's plugin.json and the equivalent theme.json / template.json / widget.json / icon.json into the Settings → Marketplace UI without HT...

CVSS 9 | AI score 5.8 | EPSS 0.00015
Exploits 0 | References 1

Github Security Blog
added 2026/05/13 3:33 p.m. | 3 views

SiYuan Bazaar marketplace renders unescaped package `name` and `version` metadata, allowing stored XSS and Electron code execution

Summary SiYuan's Bazaar community marketplace renders the name and version fields of a package's plugin.json and the equivalent theme.json / template.json / widget.json / icon.json into the Settings → Marketplace UI without HTML escaping. The kernel-side helper sanitizePackageDisplayStrings in...

CVSS 9 | AI score 6 | EPSS 0.00015
Exploits 0 | References 3 | Affected Software 1
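The two SiYuan entries above describe one sink: package-author-controlled `name` and `version` strings from plugin.json (or the theme/template/widget/icon JSON) written into the Settings → Marketplace page without HTML escaping. In an Electron renderer with Node access, which is what the advisory title's "Electron code execution" points at, that is a code-execution primitive rather than a cosmetic XSS. The Python below is an added example, not SiYuan's code: it models the unescaped render next to an output-escaped render and a kernel-style allow-list sanitizer named after the role the advisory describes. The regex, the field layout and the constructed hostile plugin.json are assumptions.

```python
import html
import re

# Hypothetical display policy for marketplace metadata (not SiYuan's own rule):
# word characters, space, dot, plus and dash, at most 64 characters.
# Anything else is treated as untrusted and replaced before it reaches the UI.
_DISPLAY_SAFE = re.compile(r"^[\w .+_-]{1,64}$")
PLACEHOLDER = "(invalid metadata)"


def render_unescaped(meta: dict) -> str:
    """The bug pattern: metadata from a third-party package JSON is dropped
    straight into the settings page's HTML. The package author controls
    meta['name'] and meta['version'], so they control the markup."""
    return (f'<div class="pkg"><b class="name">{meta.get("name", "")}</b>'
            f' <span class="ver">{meta.get("version", "")}</span></div>')


def sanitize_package_display_strings(meta: dict) -> dict:
    """Kernel-side style guard (stand-in, not SiYuan's helper): copy the package
    metadata and replace any display field that fails the allow-list."""
    out = dict(meta)
    for field in ("name", "version"):
        value = str(meta.get(field, ""))
        out[field] = value if _DISPLAY_SAFE.match(value) else PLACEHOLDER
    return out


def render_escaped(meta: dict) -> str:
    """Renderer-side fix: escape at the output sink regardless of what the
    kernel did. quote=True also neutralises attribute-context breakouts."""
    name = html.escape(str(meta.get("name", "")), quote=True)
    version = html.escape(str(meta.get("version", "")), quote=True)
    return (f'<div class="pkg"><b class="name">{name}</b>'
            f' <span class="ver">{version}</span></div>')


def render_defended(meta: dict) -> str:
    """Both layers: allow-list at the trust boundary, escape at the sink."""
    return render_escaped(sanitize_package_display_strings(meta))


# Constructed sample plugin.json contents (not a real package, not a real exploit).
HOSTILE_PLUGIN_JSON = {
    "name": '<img src=x onerror="alert(document.domain)">',
    "version": '1.0.0" onmouseover="alert(1)',
}
BENIGN_PLUGIN_JSON = {"name": "daily-notes", "version": "2.3.1"}

if __name__ == "__main__":
    print(render_unescaped(HOSTILE_PLUGIN_JSON))  # markup survives intact
    print(render_escaped(HOSTILE_PLUGIN_JSON))    # markup becomes inert text
    print(render_defended(HOSTILE_PLUGIN_JSON))   # fields replaced by placeholder
    print(render_defended(BENIGN_PLUGIN_JSON))
```

Escaping at the sink is the fix that closes the bug; the allow-list is defence in depth so a package whose metadata is obviously hostile never gets a card at all. Neither replaces sandboxing the renderer, since the whole point of the advisory is that script execution in that window is not confined to the DOM.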

OSV
added 2026/03/25 7:51 p.m. | 1 views

GHSA-3HWV-X8G3-9QPR AVideo has Path Traversal in pluginRunDatabaseScript.json.php Enables Arbitrary SQL File Execution via Unsanitized Plugin Name

Summary The objects/pluginRunDatabaseScript.json.php endpoint accepts a name parameter via POST and passes it to Plugin::getDatabaseFileName without any path traversal sanitization. This allows an authenticated admin or an attacker via CSRF to traverse outside the plugin directory and execute the...

CVSS 7.2 | AI score 6.3 | EPSS 0.00113
Exploits 1 | References 5

Cvelist
added 2026/03/23 6:39 p.m. | 23 views

CVE-2026-33681 AVideo has Path Traversal in pluginRunDatabaseScript.json.php Enables Arbitrary SQL File Execution via Unsanitized Plugin Name

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the objects/pluginRunDatabaseScript.json.php endpoint accepts a name parameter via POST and passes it to Plugin::getDatabaseFileName without any path traversal sanitization. This allows an authenticated admin or a...

CVSS 7.2 | EPSS 0.00113
Exploits 1 | References 2

Vulnrichment
added 2026/03/23 6:39 p.m. | 1 views

CVE-2026-33681 AVideo has Path Traversal in pluginRunDatabaseScript.json.php Enables Arbitrary SQL File Execution via Unsanitized Plugin Name

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the objects/pluginRunDatabaseScript.json.php endpoint accepts a name parameter via POST and passes it to Plugin::getDatabaseFileName without any path traversal sanitization. This allows an authenticated admin or a...

CVSS 7.2 | AI score 6 | EPSS 0.00113
Exploits 1 | References 2

CVE
added 2026/03/23 6:39 p.m. | 4 views

CVE-2026-33681

WWBN AVideo (versions up to 26.0) has a path traversal flaw in the objects/pluginRunDatabaseScript.json.php endpoint. An authenticated admin (or an attacker via CSRF) can pass a name parameter via POST, which is handed to Plugin::getDatabaseFileName() without proper sanitization and allows readin...

CVSS 7.2 | AI score 6 | EPSS 0.00113
Exploits 1 | References 2 | Affected Software 1
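For the AVideo entries: the bug is that `name` from the POST body reaches Plugin::getDatabaseFileName and from there a filesystem path, so `../` sequences select a SQL file outside the plugin directory and the endpoint executes it. The Python below is an added example, not AVideo's PHP: it contrasts a naive path join with a lookup that allow-lists the name and then proves the resolved path is still under the plugin root. PLUGIN_ROOT, the `<name>/install/install.sql` layout and the request values are assumptions.

```python
import os
import re

# Hypothetical layout, not AVideo's actual one: each plugin keeps its
# install script at <PLUGIN_ROOT>/<name>/install/install.sql
PLUGIN_ROOT = "/srv/avideo/plugin"
_PLUGIN_NAME = re.compile(r"^[A-Za-z0-9_]{1,64}$")


def get_database_file_name_unsafe(name: str) -> str:
    """The bug pattern: the POST parameter goes straight into the path."""
    return os.path.join(PLUGIN_ROOT, name, "install", "install.sql")


def get_database_file_name(name: str) -> str:
    """Hardened lookup: allow-list the name, then check that the resolved
    path still sits under PLUGIN_ROOT (backstop against symlinks and
    anything the regex did not anticipate)."""
    if not _PLUGIN_NAME.match(name):
        raise ValueError(f"rejected plugin name: {name!r}")
    root = os.path.realpath(PLUGIN_ROOT)
    candidate = os.path.realpath(os.path.join(root, name, "install", "install.sql"))
    if os.path.commonpath([root, candidate]) != root:
        raise ValueError(f"path escapes plugin root: {candidate}")
    return candidate


def is_contained(path: str, root: str = PLUGIN_ROOT) -> bool:
    """Reusable containment test for any file the endpoint is asked to run."""
    root = os.path.realpath(root)
    return os.path.commonpath([root, os.path.realpath(path)]) == root


# Constructed request parameters (not taken from a real exploit).
REQUESTS = [
    "YouTubeLiveLink",                  # ordinary plugin name
    "../../../../etc/passwd",           # classic traversal
    "",                                 # empty name: join yields a file under the root
    "/var/www/html/videos/upload.sql",  # absolute path: os.path.join discards the root
]


def triage(names=REQUESTS):
    """Return (name, naive_path, naive_path_contained?, hardened_result) per input."""
    rows = []
    for n in names:
        unsafe = get_database_file_name_unsafe(n)
        try:
            hardened = get_database_file_name(n)
        except ValueError as exc:
            hardened = f"REJECTED: {exc}"
        rows.append((n, unsafe, is_contained(unsafe), hardened))
    return rows


if __name__ == "__main__":
    for row in triage():
        print(row)
```

The allow-list does the heavy lifting; the containment check is the backstop. Note the empty-name case: the naive join produces a path that is inside the root, so a containment check alone would have accepted it, while the allow-list rejects it. None of this addresses the CSRF half of the advisory, which needs a per-session token check on the POST independent of how the path is built.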

RedhatCVE
added 2026/01/30 3:24 a.m. | 6 views

CVE-2026-1547

A vulnerability was detected in Totolink A7000R 4.1cu.4154. This affects the function setUnloadUserData of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument pluginname results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be us...

CVSS 9.8 | AI score 5.7 | EPSS 0.0067
Exploits 1 | References 1

EUVD
added 2026/01/29 12:31 a.m. | 3 views

EUVD-2026-4846

A vulnerability was detected in Totolink A7000R 4.1cu.4154. This affects the function setUnloadUserData of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument pluginname results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be us...

CVSS 6.5 | AI score 5.7 | EPSS 0.0067
Exploits 1 | References 7

OSV
added 2026/01/28 10:15 p.m. | 0 views

CVE-2026-1547

A vulnerability was detected in Totolink A7000R 4.1cu.4154. This affects the function setUnloadUserData of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument pluginname results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be us...

CVSS 9.8 | AI score 5.7
Exploits 0 | References 6

Vulnrichment
added 2026/01/28 10:02 p.m. | 2 views

CVE-2026-1547 Totolink A7000R cstecgi.cgi setUnloadUserData command injection

A vulnerability was detected in Totolink A7000R 4.1cu.4154. This affects the function setUnloadUserData of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument pluginname results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be us...

CVSS 6.5 | AI score 5.7 | EPSS 0.0067
Exploits 1 | References 6

ATTACKERKB
added 2026/01/28 10:02 p.m. | 3 views

CVE-2026-1547

A vulnerability was detected in Totolink A7000R 4.1cu.4154. This affects the function setUnloadUserData of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument pluginname results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be us...

CVSS 6.5 | AI score 5.7 | EPSS 0.0067
Exploits 1 | References 5 | Affected Software 1

CVE
added 2026/01/28 10:02 p.m. | 6 views

CVE-2026-1547

Totolink A7000R 4.1cu.4154 is affected by CVE-2026-1547 in the setUnloadUserData function of /cgi-bin/cstecgi.cgi. Manipulating the plugin_name argument enables command injection, with remote exploitation and a publicly available exploit. Multiple connected sources confirm the issue and its remot...

CVSS 9.8 | AI score 5.7 | EPSS 0.0067
Exploits 1 | References 6 | Affected Software 1

Positive Technologies
added 2026/01/15 12:00 a.m. | 3 views

PT-2026-5232

Name of the Vulnerable Software and Affected Versions Totolink A7000R version 4.1cu.4154 Description A flaw exists in the setUnloadUserData function within the /cgi-bin/cstecgi.cgi file of the affected product. Manipulation of the plugin name argument can lead to command injection. This allows fo...

CVSS 9.8 | AI score 6.7 | EPSS 0.0067
Exploits 1 | References 12

RedhatCVE
added 2026/01/09 8:58 a.m. | 4 views

CVE-2023-45769

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Alex Raven WP Report Post plugin <= 2.1.2 versions...

CVSS 7.1 | AI score 5.9 | EPSS 0.00193
Exploits 0 | References 1

OSSF Malicious Packages
added 2025/11/12 4:29 a.m. | 2 views

Malicious code in got-quark-charon-prettier-plugin-markdown (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a2791fdb726654cfab79699ec9ea9331cf5f86011d5e2d08bda7ac54d9a50486 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

AI score 6.9
Exploits 0

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2018-9573

Malware in sbrugna...

CVSS 7.2 | AI score 7 | EPSS 0.00883
Exploits 1 | References 2

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2021-1132

Malware in sbrugna...

CVSS 4 | AI score 5.9 | EPSS 0.00234
Exploits 0 | References 8

RedhatCVE
added 2025/05/23 8:13 a.m. | 8 views

CVE-2024-9434

The WPGlobus Translate Options plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.0. This is due to missing or incorrect nonce validation on the ontranslateoptionspage function. This makes it possible for unauthenticated attackers to inject...

CVSS 6.1 | AI score 6.4 | EPSS 0.00479
Exploits 0 | References 1

RedhatCVE
added 2025/05/23 5:11 a.m. | 3 views

CVE-2023-23686

Auth. contributor+ Stored Cross-Site Scripting (XSS) vulnerability in Brett Shumaker Simple Staff List plugin <= 2.2.2 versions...

CVSS 6.5 | AI score 5.6 | EPSS 0.00181
Exploits 0 | References 1

CNNVD
added 2025/05/18 12:00 a.m. | 1 views

TOTOLINK N300RH injection vulnerability

TOTOLINK N300RH is a long-range wireless router from Zioncom Electronics (the Chinese vendor behind the TOTOLINK brand). The TOTOLINK N300RH suffers from a command injection vulnerability: the pluginname parameter handled by /cgi-bin/cstecgi.cgi is not correctly filtered for shell command special characters,...

CVSS 6.5 | AI score 7.5 | EPSS 0.01385
Exploits 0 | References 7
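The TOTOLINK A7000R entries (CVE-2026-1547, setUnloadUserData) and the N300RH entry directly above share one failure: the pluginname parameter of /cgi-bin/cstecgi.cgi ends up on a shell command line with metacharacters unfiltered. The Python below is an added example, not firmware code: it shows the string-splice pattern that causes the class, the allow-list plus argv form that avoids it, and a request-body triage that flags metacharacters for detection. `plugin_unload`, the regex and the sample bodies are assumptions; `echo` stands in for the real helper so the block runs anywhere.

```python
import re
import shlex
import subprocess
from urllib.parse import parse_qs

# Hypothetical rule for plugin identifiers; the firmware's real constraint is unknown.
_PLUGIN_NAME = re.compile(r"^[A-Za-z0-9_-]{1,32}$")
_SHELL_META = set(";|&`$(){}<>\n\r\t'\"\\*?[]~#")


def contains_shell_metachar(value: str) -> bool:
    """Detection-side check: any character a POSIX shell would interpret."""
    return any(ch in _SHELL_META for ch in value)


def unload_command_unsafe(pluginname: str) -> str:
    """The bug pattern: the parameter is spliced into a command line that a
    shell will parse, so 'a;reboot' becomes two commands. Shown only; never run."""
    return f"plugin_unload {pluginname}"   # would be handed to system()/popen()


def unload_argv(pluginname: str) -> list:
    """Hardened form: validate against the allow-list, then build an argv vector
    that is executed without a shell, so metacharacters are never interpreted."""
    if not _PLUGIN_NAME.match(pluginname):
        raise ValueError(f"rejected pluginname: {pluginname!r}")
    return ["plugin_unload", pluginname]


def run_unload(pluginname: str) -> subprocess.CompletedProcess:
    """Execute the validated argv with shell=False (the default for a list).
    plugin_unload is a placeholder binary, so echo prefixes it here."""
    argv = unload_argv(pluginname)
    return subprocess.run(["echo", *argv], capture_output=True, text=True, check=True)


def quoted_fallback(pluginname: str) -> str:
    """If a shell truly cannot be avoided, quote *after* validating; quoting
    alone is not the fix, the allow-list is."""
    return "plugin_unload " + shlex.quote(unload_argv(pluginname)[1])


# Constructed form-encoded request bodies, not captures from a real device.
SAMPLE_BODIES = [
    "pluginname=vpn_client",
    "pluginname=vpn_client%3Bcat+/etc/passwd",   # ';' percent-encoded
    "pluginname=$(id)",
    "pluginname=a%60reboot%60",                  # backticks percent-encoded
]


def triage_bodies(bodies=SAMPLE_BODIES):
    """Decode each body, pull out pluginname, and report whether it looks like
    an injection attempt and whether the hardened handler would accept it."""
    out = []
    for body in bodies:
        name = parse_qs(body, keep_blank_values=True).get("pluginname", [""])[0]
        out.append({
            "pluginname": name,
            "suspicious": contains_shell_metachar(name),
            "accepted": bool(_PLUGIN_NAME.match(name)),
            "unsafe_command": unload_command_unsafe(name),
        })
    return out


if __name__ == "__main__":
    for row in triage_bodies():
        print(row)
    print(run_unload("vpn_client").stdout.strip())
```

The argv form is the real fix: once the parameter is a single argv element, no quoting or blacklist is needed for the shell, and the allow-list only has to protect the helper itself from surprising names. The triage function is the same test turned around for monitoring: a pluginname value that fails the allow-list in a request to a cstecgi.cgi endpoint is worth an alert whether or not the device is patched.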