23 matches found
CVE-2026-58493
grav-plugin-database is the database plugin for Grav CMS. Prior to 1.2.0, Database::call builds PDO DSN strings by directly concatenating user-configurable YAML values from fields such as host, dbname, charset, server, database, directory, and filename without sanitization or validation, allowing...
CVE-2026-58493 grav-plugin-database: DSN Parameter Injection via Unsanitized Configuration Values in Connection String Construction
grav-plugin-database is the database plugin for Grav CMS. Prior to 1.2.0, Database::call builds PDO DSN strings by directly concatenating user-configurable YAML values from fields such as host, dbname, charset, server, database, directory, and filename without sanitization or validation, allowing...
CVE-2026-48787
gin-vue-admin is an AI-assisted basic development platform. In version 2.9.1, an authenticated attacker with access to the code-generation feature and MCP management interface can exploit this vulnerability by injecting attacker-controlled Go source code through POST /autoCode/addFunc, and then...
WordPress Accessibly plugin <= 3.0.3 - Missing Authorization to Unauthenticated Stored Cross-Site Scripting via Widget Source Injection via REST API vulnerability
Missing Authorization to Unauthenticated Stored Cross-Site Scripting via Widget Source Injection via REST API vulnerability discovered by WordFence in WordPress Plugin Accessibly WordPress Website Accessibility versions = 3.0.3...
SUSE-SU-2026:0825-1 Security update for php-composer2
This update for php-composer2 fixes the following issues: CVE-2025-67746: Fixed ANSI control characters injection in the terminal output of various Composer commands via attacker controlled remote sources. bsc1255768...
EUVD-2025-34919
DataEase is a data visualization and analytics platform. In DataEase versions through 2.10.13, a JDBC URL injection vulnerability exists in the DB2 and MongoDB data source configuration handlers. In the DB2 data source handler, when the extraParams field is empty, the HOSTNAME, PORT, and DATABASE...
Apache Linkis 代码问题漏洞
Apache Linkis is a middleware product of the U.S. Apache Apache Foundation, which can establish an effective connection between upper-tier applications and the underlying data engine. Apache Linkis 1.6.0 before the version of the code problem vulnerability, the vulnerability stems from the data...
SUSE CVE-2020-1945
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build...
SUSE CVE-2020-11979
As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively nullifying the...
Static Code Injection in collectiveaccess/pawtucket2
Description This is with reference to another SSRF report I made https://huntr.dev/bounties/43505ece-7d5e-44b8-a7a3-69bd42d0ad02/ in which the fix was to filter external src from images. Pawtucket2 makes use of the same code as Providence to filter HTML, however it does not include the new fix...
ant: insecure temporary file vulnerability
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build...
ant: insecure temporary file
As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively nullifying the...
DEBIAN-CVE-2020-11979
As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. Unfortunately the fixcrlf task deleted the temporary file and created a new one without said protection, effectively nullifying the...
GHSA-4P6W-M9WC-C9C9 Sensitive Data Exposure in Apache Ant
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build...
ant: insecure temporary file vulnerability
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build...
DEBIAN-CVE-2020-1945
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build...
STG Security Advisory 2004-12-20.16
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 STG Security Advisory: SSA-20041220-16 PHP source injection and cross-site scripting vulnerabilities in ZeroBoard Revision 1.2 Date Published: 2004-12-20 KST Last Update: 2004-12-24 Disclosed by SSR Team [email protected] Summary =======...
STG Security Advisory: [SSA-20041220-16] PHP source injection and cross-site scripting vulnerabilities in ZeroBoard
STG Security Advisory: SSA-20041220-16 PHP source injection and cross-site scripting vulnerabilities in ZeroBoard Revision 1.2 Date Published: 2004-12-20 KST Last Update: 2004-12-24 Disclosed by SSR Team [email protected] Summary ======= ZeroBoard is one of widely used web BBS applications...
bug in Club 1.0 - 1.3
Hi, security team www.rst.bb1.ru --= Advisory 6 =-- Product: Club 1.0 - 1.3 http://www.lyanguzov.inc.ru/ Vuln: PHP source injection The php-script Club version 1.0 - 1.3 maybe version 1.2 vuln too, i can't find this version is vuln for PHP source injection. Bug found in file club.php: scip if $p ...
Bookmar4U and Active PHP Bookmarks Vulnerabilities
Program: Bookmark4U V.1.8.3 website: http://bookmark4u.sourceforge.net/ Vendor status: Informed 30 days ago Problem: Source injection Files affected: inc/dbase.php inc/config.php inc/common.load.php ? Proof of concept: dbase.php?prefix=http://... Solution: The security of the inc/ directory is...