MAL-2025-10335 Malicious code in @zalastax/nolb-_pum (npm)

The package @zalastax/nolb-pum was found to contain malicious code...

VulnCheck KEV: CVE-2019-17574

An issue was discovered in the Popup Maker plugin before 1.8.13 for WordPress. An unauthenticated attacker can partially control the arguments of the doaction function to invoke certain popmake or pum methods, as demonstrated by controlling content and delivery of popmake-system-info.txt...

pum-pu.ru Cross Site Scripting vulnerability OBB-3858870

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

pum-tech.co.kr Cross Site Scripting vulnerability OBB-1368747

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

pum-tech.co.kr Cross Site Scripting vulnerability OBB-1351450

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

pum-tech.co.kr Cross Site Scripting vulnerability OBB-1341885

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

NetIQ Privileged User Manager 2.3.1 ldapagnt_eval() Remote Perl Code Execution

his Metasploit module abuses a lack of authorization in the NetIQ Privileged User Manager service unifid.exe to execute arbitrary perl code. The problem exists in the ldapagnt module. The module has been tested successfully on NetIQ PUM 2.3.1 over Windows 2003 SP2, which allows to execute arbitra...

pafiledb-sql.txt

Site: http://www.phparena.net/pafiledb Description: SQL injection categories in includes/search.php Code: $results = $db-GetArray"SELECT FROM ".$dbPrefix."files WHERE ".$searchin." AND filecatid IN ".implode',',$POST'categories'.""; Comment:"ouuch" SQL: UNION SELECT ALL...