4200 matches found
Kemp LoadMaster Load Balancer - Unauthenticated Command Injection
Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection.This issue affects: LoadMaster: 7.2.40.0 and above. ECS: All versions.Multi-Tenancy: 7.1.35.4 and above. id: CVE-2024-7591 info: name: Kemp LoadMaster Load Balancer - Unauthenticated Command Injection autho...
SysAid Technologies 20.3.64 b14 - Cross-Site Scripting
SysAid 20.3.64 b14 contains a cross-site scripting vulnerability via the /KeepAlive.jsp?stamp= URI. id: CVE-2021-30049 info: name: SysAid Technologies 20.3.64 b14 - Cross-Site Scripting author: daffainfo severity: medium description: SysAid 20.3.64 b14 contains a cross-site scripting vulnerabilit...
CVE-2025-11954
Cross-Site request forgery CSRF vulnerability in Sitemio Information Technologies Trade Ltd. Co. WISECP allows Cross Site Request Forgery. This issue affects WISECP: through 20022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...
EUVD-2025-209906
Cross-Site request forgery CSRF vulnerability in Sitemio Information Technologies Trade Ltd. Co. WISECP allows Cross Site Request Forgery. This issue affects WISECP: through 20022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...
CVE-2025-11954 CSRF in Sitemio's WISECP
Cross-Site request forgery CSRF vulnerability in Sitemio Information Technologies Trade Ltd. Co. WISECP allows Cross Site Request Forgery. This issue affects WISECP: through 20022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...
CVE-2025-11954
The CVE concerns a CSRF vulnerability in WISECP by Sitemio Information Technologies Trade Ltd. Co., affecting versions up to 20022026. The issue is classified with CVSS v3.1 base score 8.0 (High): Network attack vector, low attack complexity, requiring user interaction, with privileges of at leas...
CVE-2025-11954 CSRF in Sitemio's WISECP
Cross-Site request forgery CSRF vulnerability in Sitemio Information Technologies Trade Ltd. Co. WISECP allows Cross Site Request Forgery. This issue affects WISECP: through 20022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...
CVE-2026-5791
Cross-Site request forgery CSRF vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Cross Site Request Forgery. This issue affects DivvyDrive: from 4.8.2.9 before 4.8.3.2...
PT-2026-38426
Name of the Vulnerable Software and Affected Versions DivvyDrive versions 4.8.2.9 through 4.8.3.1 Description DivvyDrive contains a Cross-Site Request Forgery CSRF flaw, which is a type of attack that tricks a victim into submitting a malicious request. This allows an attacker to perform actions ...
CVE-2026-21733
Vulnerability in Imagination Technologies Graphics DDK on Linux, Android -- RESERVED...
WordPress Smart Post Show - Post Grid, Post Carousel & Slider, and List Category Posts plugin <= 3.0.12 - Authenticated (Administrator+) PHP Object Injection vulnerability
WordPress Smart Post Show - Post Grid, Post Carousel & Slider, and List Category Posts plugin = 3.0.12 - Authenticated Administrator+ PHP Object Injection vulnerability discovered by Vilaysone CHANTHAVONG 0xJ0cKkY - Cyberus Technologies in WordPress Plugin Post Grid, Post Carousel, & List Categor...
Citizen Lab: Law Enforcement Used Webloc to Track 500 Million Devices via Ad Data
Hungarian domestic intelligence, the national police in El Salvador, and several U.S. law enforcement and police departments have been attributed to the use of an advertising-based global geolocation surveillance system called Webloc. The tool was developed by Israeli company Cobwebs Technologies...
The Increasing Role of AI in Vulnerability Research
At Wordfence, we run a bug bounty program that pays out mid-six figures per year to researchers in bug bounties for WordPress related vulnerabilities. Funding this research helps us improve security for the WordPress community overall, and helps us secure our customers by rolling out protection f...
EUVD-2026-20394
Missing Authorization vulnerability in HBSS Technologies MAIO The new AI GEO / SEO tool maio-the-new-ai-geo-seo-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MAIO The new AI GEO / SEO tool: from n/a through = 6.2.8...
CVE-2026-39697
Missing Authorization vulnerability in HBSS Technologies MAIO – The new AI GEO / SEO tool maio-the-new-ai-geo-seo-tool allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MAIO – The new AI GEO / SEO tool: from n/a through = 6.2.8...
PT-2026-31259
Name of the Vulnerable Software and Affected Versions MAIO – The new AI GEO / SEO tool versions n/a through 6.2.8 Description A missing authorization issue exists in HBSS Technologies MAIO – The new AI GEO / SEO tool, allowing exploitation of incorrectly configured access control security levels...
Digital Privacy in IoT: Exploring Challenges, Approaches and Open Issues
Privacy has always been a critical issue in the digital era, particularly with the increasing use of Internet of Things IoT devices. As the IoT continues to transform industries such as healthcare, smart cities, and home automation, it has also introduced serious challenges regarding the security...
CVE-2026-31386
OpenLiteSpeed and LSWS Enterprise provided by LiteSpeed Technologies contain an OS command injection vulnerability. An arbitrary OS command may be executed by an attacker with the administrative privilege...
CVE-2026-31926 IGL-Technologies eParking.fi Insufficiently Protected Credentials
Charging station authentication identifiers are publicly accessible via web-based mapping platforms...
IGL-Technologies eParking.fi 安全漏洞
IGL-Technologies eParking.fi is an intelligent parking platform provided by IGL-Technologies, offering features for parking management, charging, and parking space monitoring. IGL-Technologies eParking.fi has a security vulnerability. This vulnerability stems from the lack of a limit on the numbe...