CVE-2025-12002

The Feeds for YouTube Pro plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 2.6.0 via the 'sbycheckwpsubmit' AJAX action. This is due to insufficient sanitization of user-supplied data and the use of that data in a file operation. This makes it possib...

Adobe Reader PDF - Client Side Request Injection

% a PDF file using an XFA % most whitespace can be removed truncated to 570 bytes or so... % Ange Albertini BSD Licence 2012 % modified by InsertScript %PDF-1. % can be truncated to %PDF-\0 1 0 obj stream 1 endstream endobj trailer /XFA 1 0 R /Pages...

CVE-2014-5109

SQL injection vulnerability in maint/modules/endpointcfg/endpointgeneric.php in Fonality trixbox allows remote attackers to execute arbitrary SQL commands via the mac parameter in a Submit action...

CVE-2008-5977

SQL injection vulnerability in siteadmin/forgot.php in PHP JOBWEBSITE PRO allows remote attackers to execute arbitrary SQL commands via the adname parameter in a Submit action...