
11 matches found

OSV
added 2026/03/30 6:31 p.m., 2 views

GHSA-HR5V-J9H9-XJHG OpenClaw has Sandbox Media Root Bypass via Unnormalized `mediaUrl` / `fileUrl` Parameter Keys (CWE-22)

Fixed in OpenClaw 2026.3.24, the current shipping release. Advisory Details Title: Sandbox Media Root Bypass via Unnormalized mediaUrl / fileUrl Parameter Keys CWE-22 Description: Summary A path traversal vulnerability in the agent sandbox enforcement allows a sandboxed agent to read arbitrary...

CVSS 7.7, AI score 6, EPSS 0.00053
Exploits: 1, References: 2
RedhatCVE
added 2026/02/11 7:44 p.m., 5 views

CVE-2026-25993

EverShop is a TypeScript-first eCommerce platform. During category update and deletion event handling, the application embeds path/request_path values—derived from the url_key stored in the database—into SQL statements via string concatenation and passes them to execute. As a result, if a malicio...

CVSS 9.8, AI score 5.8, EPSS 0.00043
Exploits: 0, References: 1
Snyk
added 2026/02/10 6:56 p.m., 3 views

SQL Injection

Overview @evershop/evershop is the React eCommerce platform, built with React and Postgres: open-source and free, fast and customizable. Affected versions of this package are vulnerable to SQL Injection via the category value used for update and delete operations. It is input to the execute...

CVSS 9.8, AI score 6.2, EPSS 0.00043
Exploits: 0, References: 2
NVD
added 2026/02/10 6:16 p.m., 3 views

CVE-2026-25993

EverShop is a TypeScript-first eCommerce platform. During category update and deletion event handling, the application embeds path/request_path values—derived from the url_key stored in the database—into SQL statements via string concatenation and passes them to execute. As a result, if a malicio...

CVSS 9.8, EPSS 0.00043
Exploits: 0, References: 2
CVE
added 2026/02/10 5:43 p.m., 10 views

CVE-2026-25993

EverShop (TypeScript-based eCommerce platform) is affected by a second-order SQL injection during category update/delete handling. The vulnerability stems from embedding path/request_path values, derived from the url_key stored in the database, into SQL statements via string concatenation that ar...

CVSS 9.8, AI score 5.8, EPSS 0.00043
Exploits: 0, References: 2, Affected Software: 1
CNNVD
added 2026/02/10 12:00 a.m., 3 views

EverShop SQL injection vulnerability

EverShop is an open-source NodeJS e-commerce platform developed by EverShop. Versions of EverShop prior to 2.1.1 contained a SQL injection vulnerability. This vulnerability occurred when processing category updates and deletions, where the url_key value was embedded into SQL statements through...

CVSS 9.8, AI score 5.9, EPSS 0.00043
Exploits: 0, References: 3
OSV
added 2025/01/14 7:40 p.m., 9 views

GHSA-86C2-4X57-WC8G Git Credential Manager carriage-return character in remote URL allows malicious repository to leak credentials

Description The Git credential protocol is text-based over standard input/output, and consists of a series of lines of key-value pairs in the format key=value. Git's documentation restricts the use of the NUL \0 character and newlines to form part of the keys or values. When Git reads from...

CVSS 7.4, AI score 6.2, EPSS 0.03365
Exploits: 2, References: 10
CNNVD
added 2024/10/04 12:00 a.m., 3 views

WordPress plugin ShiftController Employee Shift Scheduling cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

CVSS 6.1, AI score 6.2, EPSS 0.01684
Exploits: 0, References: 4
PyPA
added 2024/01/23 6:15 p.m., 5 views

PYSEC-2024-23

Whoogle Search is a self-hosted metasearch engine. Versions 0.8.3 and prior have a limited file write vulnerability when the configuration options in Whoogle are enabled. The config function in app/routes.py does not validate the user-controlled name variable on line 447 and config_data variable o...

CVSS 5.3, AI score 6.9, EPSS 0.00192
Exploits: 1, References: 7, Affected Software: 1
NVD
added 2012/12/03 9:55 p.m., 9 views

CVE-2012-5551

Multiple cross-site scripting (XSS) vulnerabilities in the MailChimp module 7.x-2.x before 7.x-2.7 for Drupal allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) a predictable "webhook URL key" and (2) improper sanitization of "Webhook variables from POST requests."...

CVSS 4.3, AI score 5.8, EPSS 0.00285
Exploits: 0, References: 4
Prion
added 2012/12/03 9:55 p.m., 11 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in the MailChimp module 7.x-2.x before 7.x-2.7 for Drupal allow remote attackers to inject arbitrary web script or HTML via vectors related to (1) a predictable "webhook URL key" and (2) improper sanitization of "Webhook variables from POST requests."...

CVSS 4.3, AI score 6.1, EPSS 0.00285
Exploits: 0, References: 4, Affected Software: 1