
7411 matches found

NVD
added 2025/03/09 6:15 a.m., 5 views

CVE-2025-1363

The URL Shortener | Conversion Tracking | AB Testing | WooCommerce WordPress plugin through 9.0.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is...

CVSS 3.5, EPSS 0.00296
Exploits: 1, References: 1

NVD
added 2025/03/09 6:15 a.m., 6 views

CVE-2025-1362

The URL Shortener | Conversion Tracking | AB Testing | WooCommerce WordPress plugin through 9.0.2 does not have CSRF checks in some bulk actions, which could allow attackers to make logged in admins perform unwanted actions, such as deleting customers via CSRF attacks...

CVSS 4.3, EPSS 0.00156
Exploits: 1, References: 1

CVE
added 2025/03/09 6:0 a.m., 56 views

CVE-2025-1363

CVE-2025-1363 affects the WordPress plugin “URL Shortener | Conversion Tracking | AB Testing | WooCommerce” (versions up to 9.0.2). The vulnerability is a Stored Cross-Site Scripting (XSS) that occurs due to insufficient sanitisation/escaping of certain plugin settings, enabling a high-privilege ...

CVSS 3.5, AI score 5.7, EPSS 0.00296
Exploits: 1, References: 1, Affected Software: 1

RedhatCVE
added 2025/03/08 6:55 a.m., 5 views

CVE-2024-13868

The URL Shortener | Conversion Tracking | AB Testing | WooCommerce WordPress plugin through 9.0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVSS 6.1, AI score 6, EPSS 0.00299
Exploits: 1, References: 1

GithubExploit
added 2025/03/07 6:21 p.m., 110 views

Exploit for CVE-2025-26055

CVE-2025-26055 CVE Description Author : Rohan Deshpande...

CVSS 6.5, AI score 9, EPSS 0.01068
Exploits: 1

OSV
added 2025/03/07 12:15 p.m., 3 views

CVE-2025-2084

A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file /search-report.php of the component Search Report Page. The manipulation leads to cross site scripting. It is possible to...

CVSS 6.1, AI score 3.6, EPSS 0.00328
Exploits: 1, References: 5

Cvelist
added 2025/03/07 12:0 p.m., 19 views

CVE-2025-2084 PHPGurukul Human Metapneumovirus Testing Management System Search Report Page search-report.php cross site scripting

A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file /search-report.php of the component Search Report Page. The manipulation leads to cross site scripting. It is possible to...

CVSS 5.1, EPSS 0.00328
Exploits: 1, References: 5

CNVD
added 2025/03/07 12:0 a.m., 1 views

Human Metapneumovirus Testing Management System /login.php File SQL Injection Vulnerability

Human Metapneumovirus Testing Management System is a human subpneumovirus testing management system. Human Metapneumovirus Testing Management System is vulnerable to a SQL injection vulnerability that affects the username parameter in the /login.php file. No details of the vulnerability are...

CVSS 9.8, AI score 7.8, EPSS 0.00554
Exploits: 1, References: 1

CNNVD
added 2025/03/07 12:0 a.m., 2 views

Human Metapneumovirus (HMPV) – Testing Management System Code Injection Vulnerability

Human Metapneumovirus HMPV - Testing Management System is a PHP and MySQL based system developed to manage human lung virus testing. A code injection vulnerability exists in Human Metapneumovirus HMPV - Testing Management System version 1.0, which stems from improper manipulation of the...

CVSS 6.1, AI score 4.7, EPSS 0.00328
Exploits: 1, References: 7

CNVD
added 2025/03/07 12:0 a.m., 2 views

Nipah virus Testing Management System check_availability.php File SQL Injection Vulnerability

Nipah Virus Testing Management System is an online virus diagnostic platform. The Nipah Virus Testing Management System suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the check_availability.php file. An attacker can exploit...

CVSS 9.8, AI score 8.2, EPSS 0.00487
Exploits: 1, References: 1

OSV
added 2025/03/06 6:15 a.m., 1 views

CVE-2024-13868

The URL Shortener | Conversion Tracking | AB Testing | WooCommerce WordPress plugin through 9.0.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVSS 6.1, AI score 7.3, EPSS 0.00299
Exploits: 1, References: 1

Tenable Nessus
added 2025/03/06 12:0 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2024-57917

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: topology: Keep the cpumask unchanged when printing cpumap During fuzz testing, the following...

CVSS 7.8, AI score 6.4, EPSS 0.00211
Exploits: 0, References: 3

Packet Storm
added 2025/03/06 12:0 a.m., 246 views

UniRide Vehicle Booking Management System 1.0 Insecure Direct Object Reference

UniRide Vehicle Booking Management System version 1.0 suffers from an insecure direct object reference vulnerability. Title: UniRide Vehicle Booking...

AI score 7.4
Exploits: 0

RedhatCVE
added 2025/03/05 10:52 a.m., 23 views

CVE-2024-53023

Memory corruption may occur while accessing a variable during extended back to back tests...

CVSS 7.8, AI score 7.3, EPSS 0.00108
Exploits: 0, References: 1

Tenable Nessus
added 2025/03/05 12:0 a.m., 13 views

FreeBSD : electron{32,33} -- multiple vulnerabilities (f4f3e001-402b-4d6d-8efa-ab11fcf8de2b)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the f4f3e001-402b-4d6d-8efa-ab11fcf8de2b advisory. Electron developers report: This update fixes the following vulnerabilities: Tenable has...

CVSS 8.8, AI score 7.6, EPSS 0.00648
Exploits: 0, References: 7

Tenable Nessus
added 2025/03/05 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2024-42071

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ionic: use dev_consume_skb_any outside of napi If we're not in a NAPI softirq context, we need...

CVSS 5.5, AI score 6, EPSS 0.0021
Exploits: 0, References: 3

Tenable Nessus
added 2025/03/05 12:0 a.m., 8 views

Linux Distros Unpatched Vulnerability : CVE-2024-36004

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: i40e: Do not use WQ_MEM_RECLAIM flag for workqueue Issue reported by customer during SRIOV...

CVSS 5.5, AI score 6.2, EPSS 0.00248
Exploits: 0, References: 3

Tenable Nessus
added 2025/03/05 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2024-35800

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: efi: fix panic in kdump kernel Check if get_next_variable is actually valid pointer before...

CVSS 5.5, AI score 6.1, EPSS 0.00225
Exploits: 0, References: 3

Tenable Nessus
added 2025/03/05 12:0 a.m., 10 views

Linux Distros Unpatched Vulnerability : CVE-2024-42090

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pinctrl: fix deadlock in create_pinctrl when handling -EPROBE_DEFER In create_pinctrl, pinctrl_maps_mutex is acquired before calling add_setting. If add_setting return...

CVSS 5.5, AI score 6.8, EPSS 0.00189
Exploits: 0, References: 3

OSV
added 2025/03/04 9:15 p.m., 2 views

CVE-2025-1954

A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /login.php. The manipulation of the argument username leads to sql injection. The attack can be...

CVSS 9.8, AI score 6.9, EPSS 0.00554
Exploits: 1, References: 5