17 matches found
CVE-2026-55793
Craft CMS versions 5.0.0-RC1–5.9.22 are affected by a stored XSS in a Structure entry title. An author-level control panel user can insert malicious JavaScript into an entry title. When a victim with saveEntries permission drags another entry under the poisoned one in table view, the payload exec...
CVE-2026-55793 Craft CMS: Stored XSS via Structure entry title in table view
Craft CMS is a content management system CMS. In versions 5.0.0-RC1 through 5.9.22, an author-level control panel user can store a malicious JavaScript payload in an entry title. When an admin, or any control panel user with saveEntries for the same Structure section, drags another entry under th...
PT-2026-54861
Name of the Vulnerable Software and Affected Versions Craft CMS versions 5.0.0-RC1 through 5.9.22 Description A stored cross-site scripting issue exists where a user with author-level control panel permissions can embed a malicious JavaScript payload within an entry title. The execution occurs wh...
EUVD-2018-3791
Malware in sbrugna...
EUVD-2025-26199
Malicious code in bioql PyPI...
CVE-2023-26813
SQL injection vulnerability in com.xnx3.wangmarket.plugin.dataDictionary.controller.DataDictionaryPluginController.java in wangmarket CMS 4.10 allows remote attackers to run arbitrary SQL commands via the TableName parameter to /plugin/dataDictionary/tableView.do...
CVE-2025-31758
Missing Authorization vulnerability in BinaryCarpenter Free Woocommerce Product Table View free-product-table-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Free Woocommerce Product Table View: from n/a through = 1.78...
CVE-2025-31758
Technical details about CVE-2025-31758 are not publicly provided in the connected documents. The initial description contains basic context but no concrete affected product versions, root cause, exploit vectors, or remediation details in the supplied materials. Monitor for updates.
WordPress plugin Free Woocommerce Product Table View 安全漏洞
WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress plugin Free Woocommerce Product...
CVE-2025-31757
Missing Authorization vulnerability in BinaryCarpenter Free Woocommerce Product Table View free-product-table-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Free Woocommerce Product Table View: from n/a through = 1.78...
CVE-2025-31757 WordPress Free Woocommerce Product Table View plugin <= 1.78 - Broken Access Control vulnerability
Missing Authorization vulnerability in BinaryCarpenter Free Woocommerce Product Table View allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Free Woocommerce Product Table View: from n/a through 1.78...
CVE-2025-31757
No technical details about CVE-2025-31757 are present in the provided documents. Technical specifics (affected product/version, root cause, impact, fixes) are not available here. Monitor for updates from trusted sources.
WordPress plugin Free Woocommerce Product Table View 安全漏洞
WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress plugin Free Woocommerce Product...
PT-2023-20806
Name of the Vulnerable Software and Affected Versions wangmarket CMS version 4.10 Description The issue allows remote attackers to run arbitrary SQL commands via the TableName parameter to the "/plugin/dataDictionary/tableView.do" API endpoint. This enables attackers to manipulate database querie...
Code injection
In Apache Impala before 3.0.1, ALTER TABLE/VIEW RENAME required ALTER on the old table. This may pose a potential security risk, such as having ALTER on a table and ALL on a particular database allows a user to move the table to a database with ALL, which will automatically grant that user with A...
CVE-2018-11792
In Apache Impala before 3.0.1, ALTER TABLE/VIEW RENAME required ALTER on the old table. This may pose a potential security risk, such as having ALTER on a table and ALL on a particular database allows a user to move the table to a database with ALL, which will automatically grant that user with A...
CVE-2018-11792
In Apache Impala before 3.0.1, ALTER TABLE/VIEW RENAME required ALTER on the old table. This may pose a potential security risk, such as having ALTER on a table and ALL on a particular database allows a user to move the table to a database with ALL, which will automatically grant that user with A...