4 matches found
EUVD-2026-41435
AutoBangumi before 3.2.8 contains a hard-coded default credentials vulnerability that allows unauthenticated attackers to authenticate as the administrator by using the publicly known default credentials seeded at startup via adddefaultuser in the database user module when the users table is empt...
WeGIA SQL注入漏洞
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A security vulnerability exists in WeGIA versions prior to 3.2.8 that stems from the presence of a SQL injection vulnerability that allows an attacker to execute arbitrary SQL commands, thereby compromisi...
WeGIA 跨站脚本漏洞
WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A cross-site scripting vulnerability exists in WeGIA versions prior to 3.2.8, which stems from the presence of a Reflective Cross-Site Scripting XSS vulnerability that allows an attacker to inject malicio...
WordPress custom-404-pro plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. custom-404-pro is a 404 page customization plugin used in it. A cross-site scripting vulnerability exists in WordPress custom-404-pro...