5 matches found
PT-2025-43671
Name of the Vulnerable Software and Affected Versions Plane versions prior to 1.1.0 Description Plane is open-source project management software. A flaw exists in the ?next path query parameter that allows attackers to supply arbitrary schemes, such as javascript:, which are then directly passed ...
PT-2025-34709
Name of the Vulnerable Software and Affected Versions: TP-Link KP303 Smartplug versions prior to 1.1.0 Description: The TP-Link KP303 Smartplug is susceptible to unauthenticated protocol commands that can lead to an unintended power-off condition and potential information leak. Recommendations:...
PT-2024-33574 · Unknown · Social Link Groups
Name of the Vulnerable Software and Affected Versions: Social Link Groups versions prior to 1.1.0 Description: The issue is related to an SQL Injection vulnerability, specifically a Blind SQL Injection, which arises from the improper neutralization of special elements used in an SQL command. This...
PT-2023-21722 · Unknown · Cloudexplorer Lite
Name of the Vulnerable Software and Affected Versions: cloudexplorer-lite versions prior to 1.1.0 Description: The issue concerns a missing authorization in the cloudexplorer-lite GitHub repository. This allows for an authorization bypass through a user-controlled key. Recommendations: For versio...
PT-2017-9959 · Go · Go-Jose
Name of the Vulnerable Software and Affected Versions: go-jose versions prior to 1.1.0 go-jose versions prior to 1.0.4 Description: The go-jose library is affected by an issue related to multiple signatures exploitation. When validating a signed message, the API does not indicate which signature ...