PT-2025-32967 · WordPress · Tutor Lms Pro

Name of the Vulnerable Software and Affected Versions: Tutor LMS Pro versions prior to 3.7.1 Description: The Tutor LMS Pro plugin for WordPress is susceptible to a time-based SQL Injection issue. This occurs due to insufficient input validation and query preparation when handling the order...

CVE-2025-49015

The Couchbase .NET SDK client library before 3.7.1 does not properly enable hostname verification for TLS certificates. In fact, the SDK was also using IP addresses instead of hostnames due to a configuration option that was incorrectly enabled by default...

GitHub Enterprise Server 安全漏洞

GitHub Enterprise Server is a U.S. GitHub open source application. It provides a platform for setting up your own GitHub instance as a virtual appliance, thus providing a scalable, easy-to-manage platform. A security vulnerability exists in GitHub Enterprise Server versions prior to 3.7.1 that...

Bolt CMS Cross-Site Request Forgery Vulnerability (CNVD-2020-35947)

Bolt CMS is a PHP-based open source content management system for the Bolt community. A cross-site request forgery vulnerability exists in Bolt CMS versions prior to 3.7.1. The vulnerability stems from a WEB application that does not adequately validate whether a request is coming from a trusted...