17 matches found
CVE-2026-40863 PhpSpreadsheet: CPU Denial of Service via Unbounded Row Index in SpreadsheetML XML Reader
PhpSpreadsheet is a pure PHP library for reading and writing spreadsheet files. Prior to 1.30.4, 2.1.16, 2.4.5, 3.10.5, and 5.7.0, the SpreadsheetML XML reader Reader\Xml does not validate the ss:Index row attribute against the maximum allowed row count AddressRange::MAXROW = 1,048,576. An attack...
GHSA-63X8-X938-VX33 SP1 V6 Recursion Circuit Row-Count Binding Gap
Summary A soundness vulnerability in the SP1 V6 recursive shard verifier allows a malicious prover to construct a recursive proof from a shard proof that the native verifier would reject. - Affected versions: = 6.0.0, = 6.0.2 - Not affected: SP1 V5 all versions - Severity: High Details Background...
SP1 V6 Recursion Circuit Row-Count Binding Gap
Summary A soundness vulnerability in the SP1 V6 recursive shard verifier allows a malicious prover to construct a recursive proof from a shard proof that the native verifier would reject. - Affected versions: = 6.0.0, = 6.0.2 - Not affected: SP1 V5 all versions - Severity: High Details Background...
CVE-2025-4203
The wpForo Forum plugin for WordPress is vulnerable to error‐based or time-based SQL Injection via the getmembers function in all versions up to, and including, 2.4.8 due to missing integer validation on the 'offset' and 'rowcount' parameters. The function blindly interpolates 'rowcount' into a...
WordPress plugin wpForo Forum SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform can host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A SQL injection...
EUVD-2025-35921
The wpForo Forum plugin for WordPress is vulnerable to error‐based or time-based SQL Injection via the getmembers function in all versions up to, and including, 2.4.8 due to missing integer validation on the 'offset' and 'rowcount' parameters. The function blindly interpolates 'rowcount' into a...
CVE-2025-4203
The wpForo Forum plugin for WordPress is vulnerable to error‐based or time-based SQL Injection via the getmembers function in all versions up to, and including, 2.4.8 due to missing integer validation on the 'offset' and 'rowcount' parameters. The function blindly interpolates 'rowcount' into a...
PT-2025-43725
Name of the Vulnerable Software and Affected Versions wpForo Forum versions prior to 2.4.9 Description The wpForo Forum plugin for WordPress is susceptible to error-based or time-based SQL Injection through the get members function. This is due to a lack of integer validation on the offset and ro...
CVE-2022-0426
The Product Feed PRO for WooCommerce WordPress plugin before 11.2.3 does not escape the rowCount parameter before outputting it back in an attribute via the wooseacategoriesdropdown AJAX action available to any authenticated user, leading to a Reflected Cross-Site Scripting...
CVE-2021-38190
An issue was discovered in the nalgebra crate before 0.27.1 for Rust. It allows out-of-bounds memory access because it does not ensure that the number of elements is equal to the product of the row count and column count...
Design/Logic Flaw
An issue was discovered in the nalgebra crate before 0.27.1 for Rust. It allows out-of-bounds memory access because it does not ensure that the number of elements is equal to the product of the row count and column count...
UBUNTU-CVE-2021-23962
Incorrect use of the '' method could have led to a use-after-poison and a potentially exploitable crash. This vulnerability affects Firefox 85...
ManageEngine Support Center Plus <= 7903 - Multiple Vulnerabilities
No description provided by source.
ManageEngine Support Center Plus 7903 XSS / SQL Injection
ManageEngine Support Center Plus <=7903 Multiple Vulnerabilities
Exploit for php platform in category web applications
ManageEngine Support Center Plus 7903 - Multiple Vulnerabilities
Microsoft SQL Server Interesting Data Finder
This module will search the specified MSSQL server for 'interesting' columns and data. This module has been tested against the latest SQL Server 2019 docker container image 22/04/2021. This module requires Metasploit: https://metasploit.com/download Current source:...