EUVD-2022-4071

Malicious code in bioql PyPI...

PT-2025-9182 · Unknown · Zorlan Skycaiji

Name of the Vulnerable Software and Affected Versions: Zorlan SkyCaiji version 2.9 Description: A critical vulnerability was found in Zorlan SkyCaiji, affecting the previewAction function of the file vendor/skycaiji/app/admin/controller/Tool.php. The manipulation of the data argument leads to...

PT-2024-10603 · WordPress · Formidable Form Builder

Name of the Vulnerable Software and Affected Versions: Formidable Form Builder plugin for WordPress versions up to, and including, 2.05.03 Description: The issue allows unauthenticated attackers to export all form entries for a given form via the frm forms preview AJAX action. This enables the...

CVE-2021-35506

Afian FileRun 2021.03.26 allows XSS when an administrator encounters a crafted document during use of the HTML Editor for a preview or edit action...

CVE-2018-20313

Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyPreviewAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read...

Sql injection

SQL injection vulnerability in students.php in BPowerHouse BPStudents 1.0 allows remote attackers to execute arbitrary SQL commands via the test parameter in a preview action...