CVE-2025-70821

renren-secuity before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component...

CVE-2025-65792

DataGear v5.5.0 is vulnerable to Arbitrary File Deletion...

EUVD-2025-22514

Malicious code in bioql PyPI...

CVE-2025-45731

A group deletion race condition in 2FAuth v5.5.0 causes data inconsistencies and orphaned accounts when a group is deleted while other operations are pending...

CVE-2025-45731

A group deletion race condition in 2FAuth v5.5.0 causes data inconsistencies and orphaned accounts when a group is deleted while other operations are pending...

GHSA-77CQ-WGPF-G449 Coaster CMS Stored Cross-site Scripting vulnerability

A Stored Cross-site Scripting vulnerability has been discovered in the v5.5.0 version of the Coaster CMS product...

Coaster CMS Stored Cross-site Scripting vulnerability

A Stored Cross-site Scripting vulnerability has been discovered in the v5.5.0 version of the Coaster CMS product...

Hikvision IP Camera Unauthenticated Command Injection

This module exploits an unauthenticated command injection in a variety of Hikvision IP cameras CVE-2021-36260. The module inserts a command into an XML payload used with an HTTP PUT request sent to the /SDK/webLanguage endpoint, resulting in command execution as the root user. This module...

CVE-2018-17876

A Stored XSS vulnerability has been discovered in the v5.5.0 version of the Coaster CMS product...

CVE-2018-17876

CVE-2018-17876 is a Stored XSS vulnerability affecting Coaster CMS v5.5.0. Multiple connected sources confirm a Stored XSS in this version; attack requires user interaction and can be triggered via web requests (packetstorm details POST /admin/pages/edit/26). No explicit remediation/patch details...