Lucene search

34 matches found

OSV
added 3 days ago | 1 view

OPENSUSE-SU-2026:10920-1 cacti-1.2.30+git457.e55c2aea-1.1 on GA media

These are all security issues fixed in the cacti-1.2.30+git457.e55c2aea-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 7.5 | AI score 5.8 | EPSS 0.00456
Exploits 0 | References 1
OPENSUSE Linux
added 2026/05/18 12:0 a.m. | 8 views

Security update for cacti (important)

openSUSE Security Update: Security update for cacti Announcement ID: openSUSE-SU-2026:0169-1 Rating: important References: Affected Products: openSUSE Backports SLE-15-SP7 An update that contains security fixes can now be installed. Description: This update for cacti fixes the following issues: -...

AI score 6
Exploits 0
OSV
added 2026/04/22 12:0 a.m. | 1 view

OPENSUSE-SU-2026:10599-1 cacti-1.2.30+git306.82d5aef5-1.1 on GA media

These are all security issues fixed in the cacti-1.2.30+git306.82d5aef5-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 6.1 | AI score 7.3 | EPSS 0.00014
Exploits 0 | References 1
OSV
added 2026/02/24 12:0 a.m. | 2 views

OPENSUSE-SU-2026:10241-1 cacti-1.2.30+git231.bca15e70c-1.1 on GA media

These are all security issues fixed in the cacti-1.2.30+git231.bca15e70c-1.1 package on the GA media of openSUSE Tumbleweed...

CVSS 6.1 | AI score 5.8 | EPSS 0.00055
Exploits 0 | References 2
RedhatCVE
added 2025/12/13 8:7 a.m. | 1 view

CVE-2025-67728

Fireshare facilitates self-hosted media and link sharing. Versions 1.2.30 and below allow an authenticated user, or unauthenticated user if the Public Uploads setting is enabled, to craft a malicious filename when uploading a video file. The malicious filename is then concatenated directly into a...

CVSS 9.8 | AI score 7.6 | EPSS 0.00388
Exploits 0 | References 1
CVE
added 2025/12/12 7:10 a.m. | 10 views

CVE-2025-67728

Fireshare is affected by an OS command injection in versions 1.2.30 and earlier. The vulnerability arises when a malicious filename, supplied during video uploads (authenticated user or public uploads enabled), is concatenated directly into a shell command, enabling path traversal to arbitrary di...

CVSS 9.8 | AI score 7.1 | EPSS 0.00388
Exploits 0 | References 2 | Affected Software 1
OSV
added 2025/12/12 7:10 a.m. | 1 view

CVE-2025-67728 Fireshare Public Uploads feature is vulnerable to OS Command Injection (RCE)

Fireshare facilitates self-hosted media and link sharing. Versions 1.2.30 and below allow an authenticated user, or unauthenticated user if the Public Uploads setting is enabled, to craft a malicious filename when uploading a video file. The malicious filename is then concatenated directly into a...

CVSS 9.8 | AI score 7.5 | EPSS 0.00388
Exploits 0 | References 4
EUVD
added 2025/12/12 7:10 a.m. | 2 views

EUVD-2025-203055

Fireshare facilitates self-hosted media and link sharing. Versions 1.2.30 and below allow an authenticated user, or unauthenticated user if the Public Uploads setting is enabled, to craft a malicious filename when uploading a video file. The malicious filename is then concatenated directly into a...

CVSS 9.8 | AI score 7 | EPSS 0.00388
Exploits 0 | References 2
CNNVD
added 2025/12/12 12:0 a.m. | 1 view

Fireshare command injection vulnerability

Fireshare is a media hosting software by the individual developer Shane Israel. A command injection vulnerability exists in Fireshare versions 1.2.30 and earlier, which stems from uploading a video file with the filename spliced directly into a shell command, which could lead to remote code...

CVSS 9.8 | AI score 8.2 | EPSS 0.00388
Exploits 0 | References 2
EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2023-38094

Malicious code in bioql PyPI...

CVSS 5.4 | AI score 5.5 | EPSS 0.00169
Exploits 1 | References 2
CVE
added 2025/06/06 12:53 p.m. | 41 views

CVE-2025-49332

CVE-2025-49332 (WP Time Slots Booking Form) is a CSRF vulnerability affecting WP Time Slots Booking Form versions up to 1.2.30. The CVE entry lists a CVSSv3.1 base score of 4.3 (Medium) with impact on integrity only (I:L) and no confidentiality/availability impact; exploit details are not provide...

CVSS 4.3 | AI score 5.9 | EPSS 0.00084
Exploits 0 | References 1
RedhatCVE
added 2025/05/22 5:40 a.m. | 3 views

CVE-2017-16815

installer.php in the Snap Creek Duplicator WordPress Site Migration & Backup plugin before 1.2.30 for WordPress has XSS because the values "urlnew" /wp-content/plugins/duplicator/installer/build/view.step4.php and "logging" wp-content/plugins/duplicator/installer/build/view.step2.php are not...

CVSS 6.1 | AI score 6.2 | EPSS 0.00286
Exploits 0 | References 1
CNNVD
added 2023/11/27 12:0 a.m. | 1 view

WordPress plugin Martins Free & Easy SEO BackLink Link Building Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...

CVSS 6.1 | AI score 6.6 | EPSS 0.00117
Exploits 2 | References 1
Positive Technologies
added 2023/11/27 12:0 a.m. | 1 view

PT-2023-32232 · WordPress · Martins Free & Easy Seo Backlink Link Building Network

Name of the Vulnerable Software and Affected Versions: The Martins Free & Easy SEO BackLink Link Building Network WordPress plugin versions prior to 1.2.30 Description: The issue is related to a Reflected Cross-Site Scripting problem, where a parameter is not properly sanitized and escaped before...

CVSS 6.1 | AI score 6.3 | EPSS 0.00117
Exploits 2 | References 4
Tenable Nessus
added 2023/06/06 12:0 a.m. | 21 views

FreeBSD : Kanboard -- Multiple vulnerabilities (bfca647c-0456-11ee-bafd-b42e991fc52e)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the bfca647c-0456-11ee-bafd-b42e991fc52e advisory. - Kanboard is open source project management software that focuses on the Kanban methodology...

CVSS 6.5 | AI score 6.5 | EPSS 0.0035
Exploits 4 | References 9
OSV
added 2023/06/05 8:15 p.m. | 4 views

DEBIAN-CVE-2023-33956

Kanboard is open source project management software that focuses on the Kanban methodology. Versions prior to 1.2.30 are subject to an Insecure direct object reference IDOR vulnerability present in the application's URL parameter. This vulnerability enables any user to read files uploaded by any...

CVSS 6.5 | AI score 6.5 | EPSS 0.00063
Exploits 1 | References 1
NVD
added 2023/06/05 8:15 p.m. | 15 views

CVE-2023-33969

Kanboard is open source project management software that focuses on the Kanban methodology. A stored Cross site scripting XSS allows an attacker to execute arbitrary Javascript and any user who views the task containing the malicious code will be exposed to the XSS attack. Note: The default CSP...

CVSS 6.4 | AI score 6.1 | EPSS 0.0014
Exploits 1 | References 2
NVD
added 2023/06/05 8:15 p.m. | 10 views

CVE-2023-33968

Kanboard is open source project management software that focuses on the Kanban methodology. Versions prior to 1.2.30 are subject to a missing access control vulnerability that allows a user with low privileges to create or transfer tasks to any project within the software, even if they have not...

CVSS 5.4 | AI score 5.4 | EPSS 0.00169
Exploits 1 | References 2
OSV
added 2023/06/05 8:15 p.m. | 2 views

DEBIAN-CVE-2023-33969

Kanboard is open source project management software that focuses on the Kanban methodology. A stored Cross site scripting XSS allows an attacker to execute arbitrary Javascript and any user who views the task containing the malicious code will be exposed to the XSS attack. Note: The default CSP...

CVSS 5.4 | AI score 6 | EPSS 0.0014
Exploits 1 | References 1
Prion
added 2023/06/05 8:15 p.m. | 14 views

Cross site scripting

Kanboard is open source project management software that focuses on the Kanban methodology. A stored Cross site scripting XSS allows an attacker to execute arbitrary Javascript and any user who views the task containing the malicious code will be exposed to the XSS attack. Note: The default CSP...

CVSS 4.9 | AI score 5.4 | EPSS 0.0014
Exploits 1 | References 2 | Affected Software 1