10 matches found
CVE-2026-32261 RCE via SSTI for users with permissions to access the Craft CMS Webhooks plugin
Webhooks for Craft CMS plugin adds the ability to manage “webhooks” in Craft CMS, which will send GET or POST requests when certain events occur. From version 3.0.0 to before version 3.2.0, the Webhooks plugin renders user-supplied template content through Twig’s renderString function without...
PT-2025-45034
Name of the Vulnerable Software and Affected Versions: Salesforce Agentforce Vibes Extension versions prior to 3.2.0 Description: An issue exists in Salesforce Agentforce Vibes Extension related to improper neutralization of input used for LLM prompting, potentially allowing manipulation of writabl...
Linux Distros Unpatched Vulnerability : CVE-2024-55918
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in the Graphics::ColorNames package before 3.2.0 for Perl. There is an ambiguity between modules and filenames that can lead to HTML...
CVE-2016-11069
An issue was discovered in Mattermost Server before 3.2.0. It mishandles brute-force attempts at password change...
WeGIA Security Vulnerability
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A security vulnerability exists in WeGIA versions prior to 3.2.0 that stems from vulnerability to a false access control attack in control/control.php...
PT-2025-3391 · Wegia · Wegia
Name of the Vulnerable Software and Affected Versions: Wegia versions prior to 3.2.0 Description: The issue is related to Cross-Site Scripting (XSS) in the /geral/documentos funcionario.php endpoint via the id parameter. This allows for potential malicious script injection. Recommendations: For...
Stormshield SSL VPN Client Cryptographic Issue Vulnerability
Stormshield SSL VPN Client is a VPN client from Stormshield. A security vulnerability exists in Stormshield SSL VPN Client versions prior to 3.2.0 that stems from allowing an attacker enough access to other encrypted address books...
PT-2022-23168 · Phpmyfaq · Phpmyfaq
Name of the Vulnerable Software and Affected Versions: phpMyFAQ versions prior to 3.2.0-alpha Description: The issue is related to stored Cross-Site Scripting (XSS) in the phpMyFAQ repository. A patch for this issue is available on the main branch of the repository and is expected to be included in...
Mattermost Server Information Disclosure Vulnerability (CNVD-2020-35456)
Mattermost Server is an open source messaging platform from the US company Mattermost. A security vulnerability exists in the initialload API in Mattermost Server versions prior to 3.2.0. An attacker can exploit this vulnerability to obtain personal information...
Belden Hirschmann Tofino Xenon Security Appliance Protocol Filter Evasion Vulnerability
The Tofino Xenon security appliance is the ideal solution for segmenting control networks into secure zones. A protocol filter evasion vulnerability exists in the Tofino Xenon security appliance prior to version 03.2.00. The vulnerability arises because the ModBus DPI filter improperly handles th...