PT-2026-1188

Name of the Vulnerable Software and Affected Versions CRMEB versions up to 5.6.1 Description A flaw exists in CRMEB that could allow for remote code execution. The issue stems from a SQL injection vulnerability within the /adminapi/export/product list file. Specifically, manipulating the cate id...

PT-2025-43380

Name of the Vulnerable Software and Affected Versions Devolutions Server versions 2025.2.12.0 and earlier Description A flaw in the temporary access workflow permits a user with basic authentication to approve their own temporary access requests or those of other users. This can lead to...

PT-2025-4494 · Unknown · Faktor Vier F4 Post Tree

The vulnerable software is FAKTOR VIER F4 Post Tree, with versions ranging from n/a to 1.1.18. The vulnerability is an Improper Neutralization of Input During Web Page Generation, also known as 'Cross-site Scripting' XSS, which allows Reflected XSS. This vulnerability can be exploited by attacker...

PT-2024-27475 · WordPress · Geodirectory

Name of the Vulnerable Software and Affected Versions: The GeoDirectory – WordPress Business Directory Plugin versions up to, and including, 2.3.48 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'gd single tabs' shortcode due to insufficient input sanitization a...

PT-2017-2039 · Adobe +3 · Flash Player +3

Name of the Vulnerable Software and Affected Versions: Adobe Flash Player versions 25.0.0.148 and earlier Description: The issue is related to a memory corruption vulnerability in the BlendMode class. This vulnerability can be exploited to achieve arbitrary code execution. The problem is caused b...