116 matches found

Vulnrichment · added 2025/06/04 7:59 p.m. · 10 views

CVE-2025-32015 FreshRSS vulnerable to Cross-site Scripting by embedding <script> tag inside <iframe srcdoc>

FreshRSS is a self-hosted RSS feed aggregator. Prior to version 1.26.2, HTML is sanitized improperly inside the <iframe srcdoc> attribute, which leads to cross-site scripting (XSS) by loading an attacker's UserJS inside <iframe srcdoc>. In order to execute the attack, the attacker needs to control one of the victim's feeds and...

CVSS 6.7 · AI score 6.7 · EPSS 0.00378 · Exploits 1 · References 2
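The entry above describes the general failure mode behind srcdoc-based XSS: a sanitizer that inspects the raw markup sees only an attribute string, while the browser decodes that string and renders it as a complete HTML document. The following added example (not FreshRSS code) shows a regex-style filter missing an entity-encoded <script> inside srcdoc, a checker that descends into srcdoc the way a browser does, and a sanitizer that drops the attribute outright. The feed item and the attacker.example hostname are constructed for the demonstration.

```python
import html
import re
from html.parser import HTMLParser

# Constructed sample feed item (not a real FreshRSS payload). To a filter working on raw
# markup the <script> is just attribute text; to the browser rendering the iframe it is a
# document with a script in it.
MALICIOUS_ITEM = (
    "<p>hello</p>"
    '<iframe srcdoc="&lt;script&gt;parent.location=\'https://attacker.example/\'&lt;/script&gt;"></iframe>'
)


def naive_sanitize(fragment: str) -> str:
    """Flawed approach: strip <script>...</script> with a regex over the raw markup."""
    return re.sub(r"<script\b.*?</script\s*>", "", fragment, flags=re.I | re.S)


class _ScriptCounter(HTMLParser):
    """Counts <script> elements, descending into iframe srcdoc documents as a browser would."""

    def __init__(self) -> None:
        super().__init__()
        self.count = 0

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.count += 1
        elif tag == "iframe":
            for name, value in attrs:
                # HTMLParser hands over the attribute value already entity-decoded,
                # i.e. exactly the document the browser would render.
                if name == "srcdoc" and value:
                    self.count += scripts_in(value)


def scripts_in(fragment: str) -> int:
    counter = _ScriptCounter()
    counter.feed(fragment)
    counter.close()
    return counter.count


class _Sanitizer(HTMLParser):
    """Rebuilds the fragment, dropping active elements, event handlers and srcdoc."""

    DROP_ELEMENTS = {"script", "style", "object", "embed"}
    DROP_ATTRS = {"srcdoc"}

    def __init__(self) -> None:
        super().__init__()
        self.out = []
        self._skip = 0  # >0 while inside a dropped element

    def handle_starttag(self, tag, attrs):
        if tag in self.DROP_ELEMENTS:
            self._skip += 1
            return
        if self._skip:
            return
        kept = []
        for name, value in attrs:
            if name.startswith("on") or name in self.DROP_ATTRS:
                continue
            kept.append(f' {name}="{html.escape(value or "", quote=True)}"')
        self.out.append(f"<{tag}{''.join(kept)}>")

    def handle_startendtag(self, tag, attrs):
        if tag not in self.DROP_ELEMENTS:  # self-closing form: emit once, no end tag
            self.handle_starttag(tag, attrs)

    def handle_endtag(self, tag):
        if tag in self.DROP_ELEMENTS:
            self._skip = max(self._skip - 1, 0)
            return
        if not self._skip:
            self.out.append(f"</{tag}>")

    def handle_data(self, data):
        if not self._skip:
            self.out.append(html.escape(data, quote=False))


def sanitize(fragment: str) -> str:
    parser = _Sanitizer()
    parser.feed(fragment)
    parser.close()
    return "".join(parser.out)


if __name__ == "__main__":
    print("scripts after naive filter :", scripts_in(naive_sanitize(MALICIOUS_ITEM)))
    print("scripts after sanitize     :", scripts_in(sanitize(MALICIOUS_ITEM)))
    print(sanitize(MALICIOUS_ITEM))
```

Dropping srcdoc is the simplest policy. If nested documents must be preserved, the alternative is to run the decoded srcdoc value through the same sanitizer recursively and re-encode the result, since the attribute carries a full HTML document and must be treated as one.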
RedhatCVE · added 2025/05/23 5:31 a.m. · 3 views

CVE-2023-29527

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions, a user without script or programming rights may edit a user profile or any other document with the wiki editor and add Groovy script content. Viewing the document after...

CVSS 9.9 · AI score 7.5 · EPSS 0.0109 · Exploits 1 · References 1
RedhatCVE · added 2025/05/22 10:20 p.m. · 15 views

CVE-2022-2046

The Directorist WordPress plugin before 7.2.3 allows administrators to download other plugins from the same vendor directly to the site, but does not check the URL domain it gets the zip files from. This could allow administrators to run code on the server, which is a problem in multisite...

CVSS 4.9 · AI score 6.8 · EPSS 0.00764 · Exploits 2 · References 1
RedhatCVE · added 2025/05/16 3:14 p.m. · 6 views

CVE-2025-24022

iTop is a web-based IT Service Management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, server code execution is possible through the frontend of iTop's portal. This is fixed in versions 2.7.12, 3.1.3 and 3.2.1...

CVSS 8.5 · AI score 7.3 · EPSS 0.00499 · Exploits 0 · References 1
ATTACKERKB · added 2025/05/14 3:15 p.m. · 3 views

CVE-2025-24022

iTop is a web-based IT Service Management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, server code execution is possible through the frontend of iTop's portal. This is fixed in versions 2.7.12, 3.1.3 and 3.2.1...

CVSS 8.5 · AI score 6 · EPSS 0.00499 · Exploits 0 · References 5 · Affected Software 1
NVD · added 2025/05/14 3:15 p.m. · 15 views

CVE-2025-24022

iTop is a web-based IT Service Management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, server code execution is possible through the frontend of iTop's portal. This is fixed in versions 2.7.12, 3.1.3 and 3.2.1...

CVSS 8.5 · EPSS 0.00499 · Exploits 0 · References 4
OSV · added 2025/05/14 2:57 p.m. · 2 views

CVE-2025-24022 iTop server vulnerable to portal code injection

iTop is a web-based IT Service Management tool. Prior to versions 2.7.12, 3.1.3, and 3.2.1, server code execution is possible through the frontend of iTop's portal. This is fixed in versions 2.7.12, 3.1.3 and 3.2.1...

CVSS 8.5 · AI score 7.5 · EPSS 0.00499 · Exploits 0 · References 6
CNNVD · added 2025/05/14 12:00 a.m. · 6 views

iTop operating system command injection vulnerability

iTop is a simple, web-based IT service management tool from Combodo Open Source. An operating system command injection vulnerability exists in iTop versions prior to 2.7.12, 3.1.3 and 3.2.1; it stems from the possibility of executing server code via the portal front-end...

CVSS 8.5 · AI score 7.5 · EPSS 0.00499 · Exploits 0 · References 2
RedhatCVE · added 2025/03/28 8:34 a.m. · 18 views

CVE-2025-2257

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.16.10 via the compression_level setting. This is due to the plugin using the compression_level setting in proc_open withou...

CVSS 7.2 · AI score 8 · EPSS 0.00736 · Exploits 0 · References 1
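The entry above is the classic shape of command injection: a stored setting is spliced into a command line that a shell then parses. The added example below (not the plugin's code, and in Python rather than PHP) reproduces the pattern and its fix: the vulnerable function builds one shell string, the hardened one allowlists the value and passes it as its own argv element with no shell involved. echo stands in for the real archiver so the block runs anywhere, and the injected string is constructed for the demonstration.

```python
import re
import subprocess


def run_naive(compression_level: str) -> str:
    """Vulnerable pattern: the setting is interpolated into a single shell command line,
    so any shell metacharacters it carries are interpreted by /bin/sh."""
    cmd = f"echo compressing at level {compression_level}"
    return subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout


def validate_level(compression_level: str) -> int:
    """Allowlist: a compression level is a single digit 1-9 and nothing else."""
    if not re.fullmatch(r"[1-9]", compression_level):
        raise ValueError(f"invalid compression level: {compression_level!r}")
    return int(compression_level)


def is_rejected(compression_level: str) -> bool:
    """Convenience wrapper so callers can test the allowlist without exceptions."""
    try:
        validate_level(compression_level)
    except ValueError:
        return True
    return False


def run_safe(compression_level: str) -> str:
    """Fixed pattern: validated value, argv list, no shell. The level can only ever be one
    argument to the program, never additional commands."""
    level = validate_level(compression_level)
    return subprocess.run(
        ["echo", "compressing", "at", "level", str(level)],
        capture_output=True, text=True, check=True,
    ).stdout


if __name__ == "__main__":
    injected = "9; echo INJECTED"  # constructed hostile setting value
    print(run_naive(injected), end="")  # second line "INJECTED" shows the extra command ran
    print(run_safe("9"), end="")
    print("rejected:", is_rejected(injected))
```

The PHP equivalents of the two halves are escapeshellarg() on the value, or, from PHP 7.4 on, handing proc_open() an array of arguments so that no shell is spawned at all; validating that the setting is a small integer before it reaches either is the cheaper first line of defence.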
RedhatCVE · added 2025/03/22 7:19 a.m. · 9 views

CVE-2025-1385

When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on localhost. This allows clickhouse-server to dynamically load a library from a specified path and execute it in an isolated process. Combined with the ClickHouse table engine functionality that permits...

CVSS 7.5 · AI score 8 · EPSS 0.00425 · Exploits 0 · References 3
RedhatCVE · added 2025/02/06 12:41 a.m. · 10 views

CVE-2022-3384

The Ultimate Member plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.5.0 via the populate_dropdown_options function that accepts user supplied input and passes it through call_user_func. This is restricted to non-parameter PHP functions like phpinfo; sin...

CVSS 7.2 · AI score 7.1 · EPSS 0.02735 · Exploits 1 · References 1
RedhatCVE · added 2025/02/05 10:17 a.m. · 18 views

CVE-2024-3408

man-group/dtale version 3.10.0 is vulnerable to an authentication bypass and remote code execution (RCE) due to improper input validation. The vulnerability arises from a hardcoded SECRET_KEY in the flask configuration, allowing attackers to forge a session cookie if authentication is enabled...

CVSS 9.8 · AI score 8.4 · EPSS 0.77951 · Exploits 5 · References 1
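Why a hardcoded SECRET_KEY turns into an authentication bypass: a Flask session cookie is nothing but signed client-side state, so anyone who holds the signing key can mint a cookie claiming any identity. The added example below (not dtale's code) is a small stdlib-only signer modelled on itsdangerous' timestamped URL-safe serializer; it is not byte-compatible with Flask's real format, which is irrelevant to the point. The key value and the forged claims are constructed for the demonstration.

```python
import base64
import hashlib
import hmac
import json

SALT = b"cookie-session"  # namespace the derived key, as Flask's session interface does


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _derive(secret_key: str) -> bytes:
    return hmac.new(secret_key.encode(), SALT, hashlib.sha256).digest()


def sign_session(secret_key: str, data: dict, issued_at: int) -> str:
    """payload.timestamp.signature, each part URL-safe base64 without padding."""
    payload = _b64(json.dumps(data, sort_keys=True).encode())
    stamp = _b64(issued_at.to_bytes(8, "big"))
    body = f"{payload}.{stamp}"
    sig = hmac.new(_derive(secret_key), body.encode(), hashlib.sha256).digest()
    return f"{body}.{_b64(sig)}"


def load_session(secret_key: str, cookie: str, now: int, max_age: int = 3600):
    """Return the session dict if the signature and age check out, else None."""
    parts = cookie.split(".")
    if len(parts) != 3:
        return None
    try:
        given_sig = _unb64(parts[2])
        issued_at = int.from_bytes(_unb64(parts[1]), "big")
    except (ValueError, OverflowError):
        return None
    body = f"{parts[0]}.{parts[1]}"
    expected = hmac.new(_derive(secret_key), body.encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, given_sig):
        return None
    if now - issued_at > max_age:
        return None
    return json.loads(_unb64(parts[0]))


HARDCODED_KEY = "hardcoded-demo-key"  # constructed stand-in for a key shipped in source
FORGED = {"logged_in": True, "username": "admin"}  # constructed attacker claims


def forgery_accepted(server_key: str, attacker_key: str, now: int = 1_700_000_000) -> bool:
    """True if a cookie minted with attacker_key passes the server's check under server_key.
    With a key that ships in the source tree, attacker_key == server_key for everyone."""
    cookie = sign_session(attacker_key, FORGED, issued_at=now)
    return load_session(server_key, cookie, now=now) == FORGED


if __name__ == "__main__":
    print("shared hardcoded key :", forgery_accepted(HARDCODED_KEY, HARDCODED_KEY))
    print("per-deployment key   :", forgery_accepted("random-per-install-key", HARDCODED_KEY))
```

The fix is entirely on the key side: generate it per deployment (for instance with secrets.token_hex(32)), read it from configuration or the environment, and rotate it if it has ever been committed. Nothing in the cookie format itself needs to change.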
OSV · added 2025/01/08 9:03 p.m. · 9 views

GHSA-J3F9-P6HM-5W6Q Carbon has an arbitrary file include via unvalidated input passed to Carbon::setLocale

Impact: Applications passing unsanitized user input to Carbon::setLocale are at risk of arbitrary file include. If the application allows users to upload files with a .php extension into a folder from which include or require can read them, then they are at risk of arbitrary code being run on their servers...

CVSS 6.3 · AI score 6.5 · EPSS 0.00696 · Exploits 0 · References 5
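The advisory above combines two conditions: a locale string that flows into a file path unvalidated, and an attacker-writable directory with .php files in it. The added example below (not Carbon's code, and in Python rather than PHP) shows the unchecked path construction resolving to an uploaded file, and a hardened version that first allowlists the locale name and then confirms the resolved path is still inside the language directory. The locale-name pattern is an assumption for this demonstration, not Carbon's own accepted format; the directory tree and the uploaded file are constructed in a temporary directory.

```python
import os
import re
import tempfile

# Assumed allowlist: language, optional script, optional region, e.g. "en", "pt_BR",
# "zh_Hans_CN". Anything with a slash, dot or ".." cannot match.
LOCALE_NAME = re.compile(r"^[a-z]{2,3}(?:_[A-Z][a-z]{3})?(?:_[A-Z]{2}|_[0-9]{3})?$")


def locale_file_unchecked(lang_dir: str, locale: str) -> str:
    """Vulnerable pattern: the caller's string goes straight into the path to be included."""
    return os.path.join(lang_dir, f"{locale}.php")


def locale_file_checked(lang_dir: str, locale: str) -> str:
    """Hardened: allowlist the name, then prove the resolved path stays under lang_dir."""
    if not LOCALE_NAME.match(locale):
        raise ValueError(f"invalid locale: {locale!r}")
    root = os.path.realpath(lang_dir)
    path = os.path.realpath(os.path.join(root, f"{locale}.php"))
    # realpath + commonpath also defeats symlinks planted inside lang_dir
    if os.path.commonpath([root, path]) != root:
        raise ValueError(f"locale escapes language directory: {locale!r}")
    if not os.path.isfile(path):
        raise FileNotFoundError(path)
    return path


def demo() -> dict:
    """Build a throwaway tree with one real locale file and one attacker upload next to it."""
    with tempfile.TemporaryDirectory() as tmp:
        lang_dir = os.path.join(tmp, "lang")
        upload_dir = os.path.join(tmp, "uploads")
        os.makedirs(lang_dir)
        os.makedirs(upload_dir)
        with open(os.path.join(lang_dir, "en.php"), "w") as f:
            f.write("<?php return ['hello' => 'Hello'];\n")
        with open(os.path.join(upload_dir, "evil.php"), "w") as f:
            f.write("<?php /* constructed attacker-controlled upload */\n")

        traversal = "../uploads/evil"  # constructed hostile locale value
        results = {
            "unchecked_resolves_upload": os.path.isfile(locale_file_unchecked(lang_dir, traversal)),
            "checked_accepts_en": os.path.basename(locale_file_checked(lang_dir, "en")) == "en.php",
        }
        try:
            locale_file_checked(lang_dir, traversal)
            results["checked_rejects_traversal"] = False
        except ValueError:
            results["checked_rejects_traversal"] = True
        return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The allowlist alone would already stop this traversal; the realpath check is the second layer for the day the allowlist is loosened or a symlink appears inside the language directory.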
CNNVD · added 2024/10/24 12:00 a.m. · 3 views

OpenRefine SQL injection vulnerability

OpenRefine is a Java-based open-source tool. It is mainly used for loading, analyzing and cleaning data, among other things. A SQL injection vulnerability exists in OpenRefine prior to version 3.8.3, which stems from the ability to set the...

CVSS 8.8 · AI score 9.4 · EPSS 0.00658 · Exploits 1 · References 3
Vulnrichment · added 2024/09/12 1:02 p.m. · 15 views

CVE-2024-45852

Deserialization of untrusted data can occur in versions 23.3.2.0 and newer of the MindsDB platform, enabling a maliciously uploaded model to run arbitrary code on the server when interacted with...

CVSS 8.8 · AI score 7.3 · EPSS 0.0068 · Exploits 1 · References 1
CNNVD · added 2024/08/29 12:00 a.m. · 3 views

Roxy-WI security vulnerability

Roxy-WI is an open-source web interface for managing HAProxy, Nginx and Keepalived servers. A security vulnerability exists in Roxy-WI version v8.0 that stems from an operating system command injection flaw which allows any authenticated user of the application to...

CVSS 8.8 · AI score 8.1 · EPSS 0.02539 · Exploits 1 · References 2
Positive Technologies · added 2024/06/05 12:00 a.m. · 4 views

PT-2024-34916 · WordPress · The Cowidgets – Elementor Addons

Name of the Vulnerable Software and Affected Versions: The Cowidgets – Elementor Addons plugin for WordPress version 1.1.1 and earlier
Description: The issue allows authenticated attackers with Contributor-level access and above to include and execute arbitrary files on the server via the item...

CVSS 8.8 · AI score 7.5 · EPSS 0.00932 · Exploits 0 · References 15
Positive Technologies · added 2023/10/30 12:00 a.m. · 2 views

PT-2023-32374 · WordPress · Ads By Datafeedr.Com

Name of the Vulnerable Software and Affected Versions: Ads by datafeedr.com plugin for WordPress versions up to, and including, 1.1.3
Description: The issue allows unauthenticated attackers to execute code on the server via the dfads_ajax_load_ads function. This function has limited parameters th...

CVSS 9.8 · AI score 9.9 · EPSS 0.02196 · Exploits 1 · References 6
Cvelist · added 2023/10/11 7:56 p.m. · 30 views

CVE-2023-43661 Cachet vulnerable to Authenticated Remote Code Execution

Cachet is an open-source status page system. Prior to the 2.4 branch, the template feature, which allows users to create templates, lets them execute arbitrary code on the server because of poor filtering and an old Twig version. Commit 6fb043e109d2a262ce3974e863c54e9e5f5e0587 of the 2.4 branch...

CVSS 9.1 · AI score 9 · EPSS 0.46904 · Exploits 1 · References 2
CNNVD · added 2023/09/22 12:00 a.m. · 2 views

pgAdmin security vulnerability

pgAdmin is an open-source management and development platform for the open-source PostgreSQL database. A command execution vulnerability exists in pgAdmin that stems from a failure to properly control the server code executed through this API; it could be exploited by an authenticated attacker to ru...

CVSS 8.8 · AI score 7.5 · EPSS 0.0147 · Exploits 0 · References 6