PT-2024-25319 · 8Theme · 8Theme Xstore Core

Name of the Vulnerable Software and Affected Versions: 8theme XStore Core versions from n/a through 5.3.5 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL injection, potentially...

PT-2019-16948 · Ibm · Ibm Cognos Controller

Name of the Vulnerable Software and Affected Versions: IBM Cognos Controller versions 10.2.0 through 10.4.0 Description: A flaw in the HTTP OPTIONS method, also known as Optionsbleed, could allow a remote attacker to obtain sensitive information. By sending an OPTIONS HTTP request to the / API...

PT-2019-9386 · WordPress · Mndpsingh287 File Manager

Name of the Vulnerable Software and Affected Versions: mndpsingh287 File Manager plugin version 3.0 for WordPress Description: The issue is related to a CSRF vulnerability. It affects the public path parameter in the page=wp file manager root endpoint. Recommendations: For version 3.0 of the...