10 matches found
PT-2026-46908
Name of the Vulnerable Software and Affected Versions Widget Factory Joomla Content Editor JCE versions 1.0.0 through 2.9.99.4 Description An improper access control issue in the JCE editor extension for Joomla allows unauthenticated users to create new editor profiles. This flaw enables the uplo...
Exploit for CVE-2025-8723
⚡️ Cloudflare Image Resizing Description: The plugin'...
CVE-2025-8844
A vulnerability was determined in NASM Netwide Assember 2.17rc0. This vulnerability affects the function parsesmacrotemplate of the file preproc.c. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...
CVE-2025-1782
In HylaFAX Enterprise Web Interface and AvantFAX, the language form element is not properly sanitized before being used and can be misused to include an arbitrary file in the PHP code allowing an attacker to do anything as the web server user. This flaw requires the attacker to be authenticated...
YASM Security Vulnerabilities
yasm is a completely rewritten Netwide assembler from the yasm open source. A security vulnerability exists in YASM version 1.3.0.86.g9def, which stems from a Denial of Service DOS vulnerability in the expandsmacro function in the /preprocs/nasm/nasm-pp.c component...
SUSE CVE-2017-17818
In Netwide Assembler NASM 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in pastetokens in asm/preproc.c...
vBulletin Remote Code Execution Vulnerability
vBulletin is a business forum program developed and marketed by Internet Brands and vBulletin Solutions. A remote code execution vulnerability exists in vBulletin, which can be exploited by an attacker to inject and execute arbitrary PHP code...
baigoStudio baigoSSO Code Injection Vulnerability
baigoStudio baigoSSO is a single sign-on system. A security vulnerability exists in baigoStudio baigoSSO v3.0.1. The vulnerability can be exploited by a remote attacker to execute arbitrary PHP code via the site name field in the base configuration...
CVE-2017-17818
In Netwide Assembler NASM 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in pastetokens in asm/preproc.c...
UBUNTU-CVE-2015-5660
Cross-site request forgery CSRF vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code...