8 matches found
CVE-2025-59022 TYPO3 CMS Allows Broken Access Control in Recycler Module
Backend users who had access to the recycler module could delete arbitrary data from any database table defined in the TCA - regardless of whether they had permission to that particular table. This allowed attackers to purge and destroy critical site data, effectively rendering the website...
CVE-2025-66305
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a Denial of Service DoS vulnerability was identified in the "Languages" submenu of the Grav admin configuration panel /admin/config/system. Specifically, the Supported parameter fails to properly validate user input. If a malformed value ...
CVE-2025-66305 Grav vulnerable to Denial of Service via Improper Input Handling in 'Supported' Parameter
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a Denial of Service DoS vulnerability was identified in the "Languages" submenu of the Grav admin configuration panel /admin/config/system. Specifically, the Supported parameter fails to properly validate user input. If a malformed value ...
CVE-2025-66305 Grav vulnerable to Denial of Service via Improper Input Handling in 'Supported' Parameter
Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a Denial of Service DoS vulnerability was identified in the "Languages" submenu of the Grav admin configuration panel /admin/config/system. Specifically, the Supported parameter fails to properly validate user input. If a malformed value ...
EUVD-2025-33851
The WooCommerce Designer Pro plugin for WordPress, used by the Pricom - Printing Company & Design Services WordPress theme, is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'wcdpsavecanvasdesignajax' function in all versions up to, and including, 1.9.26. Th...
ZTE ZXEN CG200 资源管理错误漏洞
The ZTE ZXEN CG200 is a government and enterprise gateway device from China's ZTE Corporation ZTE. A denial of service vulnerability exists in ZXEN CG200 V1.0.0P1N5M and previous versions, which stems from improper handling of a large number of message requests. An attacker can exploit the...
Sensio Labs Symfony Input Validation Error Vulnerability
Sensio Labs Symfony is a free French Sensio Labs , based on the MVC architecture of the PHP development framework . The framework provides commonly used functional components and tools , can be used to quickly create complex WEB program . A security vulnerability exists in Sensio Labs Symfony...
LinkedIn Outage Tied to DNS Issue
A site outage and redirection on LinkedIn’s site Wednesday night blamed on a DNS problem has security experts and users worried that the networking site’s DNS records may have been compromised, along with those of several other sites. But it appears the issue may have been caused by a simple...