EUVD-2026-33535

A weakness has been identified in zhayujie chatgpt-on-wechat up to 2.0.8. This issue affects the function getsafetywarning of the file agent/tools/bash/bash.py of the component Bash Tool. Executing a manipulation can lead to os command injection. The attack can be launched remotely. The exploit h...

CVE-2022-32086

creationtimestamp| type| source ---|---|--- 2026-01-27 11:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02...

PT-2025-50018

Cross-Site Request Forgery CSRF vulnerability in Flashyapp WP Flashy Marketing Automation wp-flashy-marketing-automation allows Cross Site Request Forgery.This issue affects WP Flashy Marketing Automation: from n/a through = 2.0.8...

CVE-2025-10226

Dependency on Vulnerable Third-Party Component CWE-1395 in the PostgreSQL backend in AxxonSoft Axxon One C-Werk 2.0.8 and earlier on Windows and Linux allows a remote attacker to escalate privileges, execute arbitrary code, or cause denial-of-service via exploitation of multiple known CVEs presen...

PT-2025-13135

Name of the Vulnerable Software and Affected Versions ThemeHunk Big Store versions 2.0.8 and earlier Description The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations For ThemeHunk Big Store...

WordPress Search with Typesense Plugin <= 2.0.8 - Path Traversal vulnerability

Path Traversal vulnerability discovered by astra.r3verii Patchstack Alliance in WordPress Plugin Search with Typesense versions = 2.0.8...

WordPress WordPress Graphs & Charts Plugin <= 2.0.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Abdi Pranata in WordPress Plugin WordPress Graphs & Charts versions = 2.0.8...

Adive Framework 跨站脚本漏洞

Adive Framework is a PHP-based MySQL database management framework. A cross-site scripting vulnerability exists in Adive Framework version 2.0.8, which stems from a failure to adequately encode user-controlled input, leading to a cross-site scripting XSS vulnerability that allows an attacker to...

CVE-2023-23899

Cross-Site Request Forgery CSRF vulnerability in HasThemes Extensions For CF7 plugin = 2.0.8 versions leads to arbitrary plugin activation...

SUSE CVE-2011-0466

The API in SUSE openSUSE Build Service OBS 2.0.x before 2.0.8 and 2.1.x before 2.1.6 allows attackers to bypass intended write-access restrictions and modify a 1 package or 2 project via unspecified vectors...

Froxlor 命令注入漏洞

Froxlor is a lightweight server management software from the Froxlor team. A command injection vulnerability exists in Froxlor versions prior to 2.0.8, which stems from the presence of command injection...

GHSA-V3VF-2R98-XW8W Exposure of Sensitive Information to an Unauthorized Actor in Apache syncope-cope

An administrator with user search entitlements in Apache Syncope 1.2.x before 1.2.11 and 2.0.x before 2.0.8 can recover sensitive security values using the fiql and orderby parameters...

D-Link DIR-850L REV.A and REV.B Denial of Service Vulnerabilities

The D-Link DIR-850L REV.A and REV.B are both wireless router products from AUO D-Link. The security vulnerability exists in D-Link DIR-850L REV.A and REV.B devices using firmware FW114WWb07h2abbeta1 and prior versions, and firmware FW208WWb02 and prior versions. A remote attacker could exploit th...

CVE-2002-0867

Microsoft Virtual Machine VM up to and including build 5.0.3805 allows remote attackers to cause a denial of service crash in Internet Explorer via invalid handle data in a Java applet, aka "Handle Validation Flaw."...