14 matches found
CVE-2025-12087
The Wishlist and Save for later for Woocommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.1.22 via the 'awwlmremoveaddedwishlistpage' AJAX action due to missing validation on a user controlled key. This makes it possible for...
CVE-2025-12087
The CVE-2025-12087 issue affects the WordPress plugin Wishlist and Save for later for Woocommerce (versions up to and including 1.1.22). It is an Insecure Direct Object Reference vulnerability triggered by insufficient validation of a user-controlled key in the awwlm_remove_added_wishlist_page AJ...
CVE-2024-29096
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Matt Manning MJM Clinic.This issue affects MJM Clinic: from n/a through 1.1.22...
CVE-2025-47657
CVE-2025-47657: SQL Injection in Productive Commerce (WordPress plugin) affecting versions n/a–1.1.22. Public data shows a high-severity, network-exposed vulnerability (CVSS 3.1, base score 9.3) with no exploit details provided and the patch status as Unpatched; no fixed version is listed in the ...
CVE-2025-47657 WordPress Productive Commerce <= 1.1.22 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Productive Minds Productive Commerce allows SQL Injection. This issue affects Productive Commerce: from n/a through 1.1.22...
WordPress plugin Productive Commerce SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...
PT-2024-22716 · Unknown · Mjm Clinic
Name of the Vulnerable Software and Affected Versions: MJM Clinic versions 1.1.22 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for malicious scripts to be injected into web pages. No...
SUSE CVE-2009-1196
The directory-services functionality in the scheduler in CUPS 1.1.17 and 1.1.22 allows remote attackers to cause a denial of service cupsd daemon outage or crash via manipulations of the timing of CUPS browse packets, related to a "pointer use-after-delete flaw."...
CVE-2022-36539
WeDayCare B.V Ouderapp before v1.1.22 allows attackers to alter the ID value within intercepted calls to gain access to data of other parents and children...
PT-2022-23453 · Wedaycare B.V · Ouderapp
Name of the Vulnerable Software and Affected Versions: WeDayCare B.V Ouderapp versions prior to 1.1.22 Description: The issue allows attackers to alter the ID value within intercepted calls to gain access to data of other parents and children. Recommendations: For versions prior to 1.1.22, update...
CUPS '_cupsImageReadTIFF()'整数溢出漏洞
BUGTRAQ ID: 34571 CVE ID:CVE-2009-0163 CNCVE ID:CNCVE-20090163 Common Unix Printing SystemCUPS是一款通用Unix打印系统,是Unix环境下的跨平台打印解决方案,基于Internet打印协议,提供大多数PostScript和raster打印机服务。 CUPS处理TIFF图像存在整数溢出,远程攻击者可以利用漏洞以应用程序权限执行任意指令。...
cups: memory leak handling IPP browse requests
Memory leak in CUPS before 1.1.22, and possibly other versions, allows remote attackers to cause a denial of service memory consumption and daemon crash via a large number of requests to add and remove shared printers...
Debian Security Advisory DSA 621-1 (cupsys)
The remote host is missing an update to cupsys announced via advisory DSA 621-1. OpenVAS Vulnerability Test $Id: deb6211.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 621-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
security flaw
lppasswd in CUPS 1.1.22, when run in environments that do not ensure that file descriptors 0, 1, and 2 are open when lppasswd is called, does not verify that the passwd.new file is different from STDERR, which allows local users to control output to passwd.new via certain user input that triggers...