6 matches found
CVE-2026-4001 Woocommerce Custom Product Addons Pro <= 5.4.1 - Unauthenticated Remote Code Execution via Custom Pricing Formula
The Woocommerce Custom Product Addons Pro plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 5.4.1 via the custom pricing formula eval in the processcustomformula function within includes/process/price.php. This is due to insufficient sanitization an...
SQL Injection
Overview Affected versions of this package are vulnerable to SQL Injection when querying JSON or richText fields. An attacker can extract sensitive information and gain unauthorized access to user accounts by injecting crafted SQL statements. Note: This is only exploitable if a Drizzle-based...
@payloadcms/drizzle has SQL Injection in JSON/RichText Queries on PostgreSQL/SQLite Adapters
Impact When querying JSON or richText fields, user input was directly embedded into SQL without escaping, enabling blind SQL Injection attacks. An unauthenticated attacker could extract sensitive data emails, password reset tokens and achieve full account takeover without password cracking. Users...
PT-2024-28040 · Unknown +1 · Syncope Console +2
Name of the Vulnerable Software and Affected Versions: Syncope versions prior to 3.0.8 Description: The issue allows HTML tags to be added to any text field when editing a user, group, or object in the Syncope Console, potentially leading to exploits. The same vulnerability is found in the Syncop...
CVE-2024-22776
Wallos 0.9 is vulnerable to Cross Site Scripting XSS in all text-based input fields without proper validation, excluding those requiring specific formats like date fields...
Data Illusion Survey Software Solutions NGSurvey Security Breach
ngSurvey is a Data Illusion Survey Software Solutions by ngSurvey, Inc. A security vulnerability exists in Data Illusion Survey Software Solutions NGSurvey v2.4.28 and earlier versions, which stems from vulnerability to denial-of-service attacks if a survey is submitted that contains Text Field,...