CVE-2026-30993

Slah CMS v1.5.0 and below was discovered to contain a remote code execution RCE vulnerability in the session function at config.php. This vulnerability is exploitable via a crafted input...

EUVD-2026-22985

Slah CMS v1.5.0 and below was discovered to contain a remote code execution RCE vulnerability in the session function at config.php. This vulnerability is exploitable via a crafted input...

CVE-2026-30993

Slah CMS v1.5.0 and below was discovered to contain a remote code execution RCE vulnerability in the session function at config.php. This vulnerability is exploitable via a crafted input...

CVE-2026-30993

Slah CMS

CVE-2026-30993

Slah CMS v1.5.0 and below was discovered to contain a remote code execution RCE vulnerability in the session function at config.php. This vulnerability is exploitable via a crafted input...

Slah CMS 安全漏洞

Slah CMS is a content management system developed by the Brazilian company Slah. Versions of Slah CMS prior to 1.5.0 contain security vulnerabilities. These vulnerabilities stem from defects in the session function located in the config.php file, which may lead to remote code execution...

CVE-2025-10484 Registration & Login with Mobile Phone Number for WooCommerce <= 1.3.1 - Authentication Bypass

The Registration & Login with Mobile Phone Number for WooCommerce plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.3.1. This is due to the plugin not properly verifying a users identity prior to authenticating them via the fmalwpsetsessionphpfun...

CVE-2025-10484 Registration & Login with Mobile Phone Number for WooCommerce <= 1.3.1 - Authentication Bypass

The Registration & Login with Mobile Phone Number for WooCommerce plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 1.3.1. This is due to the plugin not properly verifying a users identity prior to authenticating them via the fmalwpsetsessionphpfun...

Linux Distros Unpatched Vulnerability : CVE-2022-28654

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - isclosingsession allows users to fill up apport.log CVE-2022-28654 - isclosingsession allows users to fill up apport.log. CVE-2022-28654 Note that Nessus relies...

CVE-2013-10012

A vulnerability, which was classified as critical, was found in antonbolling clan7ups. Affected is an unknown function of the component Login/Session. The manipulation leads to sql injection. The name of the patch is 25afad571c488291033958d845830ba0a1710764. It is recommended to apply a patch to...

The vulnerability of the qla2xxx component in the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the qla2xxx component in the Linux operating system’s kernel is related to the assignment of the NULL pointer in the qltfreesessiondone function. Exploiting this vulnerability can allow an attacker to cause a service failure...

PT-2022-19146 · Canonical +1 · Apport +2

Name of the Vulnerable Software and Affected Versions: Apport affected versions not specified Description: The issue allows users to consume RAM in the Apport process through the is closing session function. Recommendations: At the moment, there is no information about a newer version that contai...