CVE-2025-28949

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Codedraft Mediabay - WordPress Media Library Folders allows Blind SQL Injection.This issue affects Mediabay - WordPress Media Library Folders: from n/a through 1.4...

PT-2022-17205 · Cerebrate · Cerebrate

Name of the Vulnerable Software and Affected Versions: Cerebrate versions through 1.4 Description: An issue was discovered that allows reflected XSS in form descriptions via a user-controlled description. This occurs in the genericForm component. Recommendations: For versions through 1.4, as a...

PT-2022-17206 · Cerebrate · Cerebrate

Name of the Vulnerable Software and Affected Versions: Cerebrate versions through 1.4 Description: An issue was discovered that allowed an unprivileged user to edit and modify sharing groups due to an incorrect sharing group ACL. Recommendations: For versions through 1.4, as a temporary workaroun...

PT-2022-17207 · Cerebrate · Cerebrate

Name of the Vulnerable Software and Affected Versions: Cerebrate versions through 1.4 Description: An issue was discovered where endpoints could be open even when not enabled. Recommendations: For versions through 1.4, consider disabling endpoints that are not in use to minimize the risk of...