17 matches found
Apache Airflow Security Vulnerability
Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. This platform features scalability and dynamic monitoring capabilities. There is a security vulnerability in Apache Airflow. This...
defu Security Vulnerability
Defu is a lightweight utility library developed by UnJS for recursively merging default values. Versions of Defu prior to 6.1.5 contained security vulnerabilities; these vulnerabilities stemmed from the practice of passing unsanitized user input into the Defu functions, which could lead to prototype...
OpenChatBI Path Traversal Vulnerability
OpenChatBI is an intelligent data analysis and visualization tool based on natural language dialogue, developed by Yu Zhong. Versions of OpenChatBI prior to 0.2.2 contained a path traversal vulnerability. This vulnerability stemmed from insufficient sanitization of the fileformat parameter input in t...
Foxit PDF Editor Cloud Security Vulnerability
Foxit PDF Editor Cloud is a browser-based online PDF editing platform provided by the American company Foxit. Versions of Foxit PDF Editor Cloud prior to February 3, 2026, contained security vulnerabilities. These vulnerabilities stemmed from the failure to sanitize user input that was embedded in...
Blood Bank Management System Security Vulnerability
Blood Bank Management System is a blood bank management system by the individual developer shridhar shukla. A security vulnerability exists in Blood Bank Management System version 1.0, which stems from the updateprofile.php and rprofile.php components not sanitizing user input, which could lead to...
E-commerce Security Vulnerability
E-commerce is a dynamic e-commerce website by the individual developer Bhabishya Ghimire. A security vulnerability exists in E-commerce version 1.0 that stems from the signup.inc.php endpoint not sanitizing user input, which could lead to SQL injection attacks and authentication bypass...
Snort Report Security Vulnerability
Snort Report is an inspection report management system from the Snort team. A security vulnerability exists in Snort Report versions prior to 1.3.2 that stems from the nmap.php and nbtscan.php scripts not sanitizing user input, which could lead to remote command execution...
Robot Operating System Security Vulnerability
Robot Operating System is a meta-operating system for ROS 2 open source robots. A security vulnerability exists in Robot Operating System that stems from the rosbag tool's use of the eval function to process unsanitized user input, which could lead to the execution of arbitrary Python code...
AVTECH DVR Security Vulnerability
AVTECH DVR is a digital video recorder from AVTECH, a Taiwan, China-based company. A security vulnerability exists in AVTECH DVR that originates from a command injection due to unsanitized input in the Search.cgi endpoint...
Smartwares CIP-37210AT and Smartwares C724IP Security Vulnerability
The Smartwares CIP-37210AT and Smartwares C724IP are both products of Smartwares, Inc. The Smartwares CIP-37210AT is an IP camera device for home or office security monitoring. The Smartwares C724IP is an IP camera device for home or office security monitoring. A security vulnerability exis...
WordPress plugin Discover the Best Woocommerce Product Brands Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are products of the WordPress Foundation. WordPress is a blogging platform developed in PHP. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress plugin Discover the Best...
WordPress plugin Catch Popup Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabili...
Hitachi Energy RTU500 Cross-Site Scripting Vulnerability
RTU500 is a series of industrial control components from Hitachi, Japan, mainly used in industrial control systems. A cross-site scripting vulnerability exists in Hitachi Energy RTU500 series CMU Firmware, which originates from user input not being properly sanitized, and can be exploited by an...
Moodle SQL Injection Vulnerability
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. Moodle suffers from a security vulnerability that stems from insufficient sanitization of user-supplied data in an external Wiki method us...
WordPress Plugin Spectra Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
Juplink Intelligent Technologies RX4-1500 Injection Vulnerability
The Juplink Intelligent Technologies RX4-1500 is a wireless router from Juplink Intelligent Technologies. A security vulnerability exists in the Juplink Intelligent Technologies RX4-1500 v1.0.3, which originates from the program failing to sanitize user input before executing it. A remote attacker...
VPOPMail Account Administration (squirrel mail) version 0.9.7
Plugin info: http://www.squirrelmail.org/pluginview.php?id=103 Description: VPOPMail Account Administration. The plugin lets the user do the tasks he would be able to do using qmailadmin: change password, let mails forward, create away messages. Notes from the README: IMPORTANT: For the plugin to work...