5 matches found
CVE-2026-59100
CVE-2026-59100 affects LobeChat up to version 2.2.9. It describes a broken object level authorization allowing authenticated attackers to access and modify other users’ chat-group agent data by supplying arbitrary group identifiers. Attackers can call getGroupAgents, updateAgentInGroup, and remov...
PT-2026-20700
Missing Authorization vulnerability in Fahad Mahmood Endless Posts Navigation endless-posts-navigation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Endless Posts Navigation: from n/a through = 2.2.9...
PT-2023-24226 · WordPress · Woodiscuz – Woocommerce Comments
Name of the Vulnerable Software and Affected Versions: WooDiscuz – WooCommerce Comments versions through 2.2.9 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability. This vulnerability allows Stored XSS and affects the WooDiscuz – WooCommerce Comments plugin. It...
SICK Visionary-S CX 加密问题漏洞
SICK Visionary-S CX is a 3D vision sensor from SICK, Germany. It provides direct output of color and depth values via Ethernet. The SICK Visionary-S CX has a security vulnerability in versions prior to 5.21.2.29154R, which can be exploited by an attacker with a weak password to more easily...
Magento Station Request Forgery Vulnerability
Magento is an open source PHP e-commerce system of the United States Magento company . The system provides rights management , search engines and payment gateways and other functions. A cross-site request forgery vulnerability exists in Magento versions 2.1.18 before 2.1, 2.2.9 before 2.2.2 and...