iTerm2 Security Vulnerability

iTerm2 is a terminal emulation program written for Mac OS X. A security vulnerability exists in iTerm2 versions prior to 3.5.0beta12 that stems from not cleaning up paths in the x-man-page URL...

ShokoServer Path Traversal Vulnerability

ShokoServer is an anime collection management platform. ShokoServer suffers from a path traversal vulnerability that stems from not cleaning parameters. An attacker can read arbitrary files by exploiting this vulnerability...

WordPress plugin Translate WordPress with GTranslate Cross Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress plugin WP Adminify cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin Appointment booking addon for Gravity Forms Cross Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress plugin Blog2Social 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

OpenNMS Horizon Cross-Site Scripting Vulnerability

OpenNMS Horizon is an open source solution from OpenNMS, Inc. that helps you visualize and monitor everything on your local and remote networks. A security vulnerability exists in OpenNMS Horizon versions 31.0.8 through 32.0.2 that stems from a parameter not being cleaned...

Winter 跨站脚本漏洞

Winter is a free, open source, self-hosted CMS platform based on the Laravel PHP framework. A cross-site scripting vulnerability exists in Winter prior to version 1.2.3, which stems from an uncleaned SVG upload, which could lead to a stored cross-site scripting XSS attack...

WordPress plugin Aajoda Testimonials 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

The vulnerability of the GLPI system’s handling of requests and incidents lies in the improper cancellation of input during the generation of web pages, allowing a malicious user to execute arbitrary SQL queries in the database.

The vulnerability of the GLPI system for handling requests and incidents is related to insufficient cleaning of user data on search pages. A malicious actor can trick a victim into clicking on a specially created link, allowing arbitrary HTML code and scripts to be executed in the user’s browser...

WordPress plugin Autoptimize 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress plugin SMTP Mailing Queue 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

The vulnerability of the Redis database management system, related to the lack of measures for cleaning incoming data, allows a attacker to send a specially crafted MSETNX command, causing a service failure and terminating the Redis server process.

The vulnerability of the Redis database management system is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows an attacker to send a specially crafted MSETNX command, causing a service failure and terminating the Redis server process...

WordPress plugin Auto Rename Media On Upload跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

WordPress plugin Simple Giveaways 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

Envoy 环境问题漏洞

Envoy is an open source distributed proxy server. An environmental issue vulnerability exists in Envoy that stems from the fact that Envoy does not clean up or escape request attributes when generating request headers...

Mattermost 信息泄露漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an information disclosure vulnerability that stems from the inability of Mattermost to clean up some userupdated and postdeleted events broadcast to all users when running in a...

WordPress plugin Qubely 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

WordPress plugin hiWeb Migration Simple 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

WordPress plugin The Pardakht Delkhah 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...