18 matches found

Patchstack
added 2026/04/23 2:40 p.m. | 3 views

WordPress WP Time Slots Booking Form plugin <= 1.2.46 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting (XSS) vulnerability discovered by Daniel Wade in WordPress Plugin WP Time Slots Booking Form versions <= 1.2.46...

AI score: 5.1
Exploits: 0 | Affected Software: 1
RedhatCVE
added 2025/11/07 5:33 p.m. | 1 views

CVE-2025-60243

Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation. This issue affects Selling Commander for WooCommerce: from n/a through <= 1.2.46...

CVSS: 9.8 | AI score: 7 | EPSS: 0.00067
Exploits: 0 | References: 1
EUVD
added 2025/11/06 6:32 p.m. | 3 views

EUVD-2025-38104

Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation. This issue affects Selling Commander for WooCommerce: from n/a through <= 1.2.46...

AI score: 6.5 | EPSS: 0.00067
Exploits: 0 | References: 2
NVD
added 2025/11/06 4:16 p.m. | 4 views

CVE-2025-60243

Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation. This issue affects Selling Commander for WooCommerce: from n/a through <= 1.2.46...

CVSS: 9.8 | EPSS: 0.00067
Exploits: 0 | References: 1
Cvelist
added 2025/11/06 3:55 p.m. | 4 views

CVE-2025-60243 WordPress Selling Commander for WooCommerce plugin <= 1.2.46 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation. This issue affects Selling Commander for WooCommerce: from n/a through <= 1.2.46...

CVSS: 9.8 | EPSS: 0.00067
Exploits: 0 | References: 1
Vulnrichment
added 2025/11/06 3:55 p.m. | 1 views

CVE-2025-60243 WordPress Selling Commander for WooCommerce plugin <= 1.2.46 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation. This issue affects Selling Commander for WooCommerce: from n/a through <= 1.2.46...

CVSS: 9.8 | AI score: 6.6 | EPSS: 0.00067
Exploits: 0 | References: 1
CNNVD
added 2025/11/06 12:00 a.m. | 4 views

WordPress plugin Selling Commander for WooCommerce security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security vulnerabili...

CVSS: 9.8 | AI score: 6.8 | EPSS: 0.00067
Exploits: 0 | References: 1
Positive Technologies
added 2025/11/06 12:00 a.m. | 3 views

PT-2025-45284

Incorrect Privilege Assignment vulnerability in Holest Engineering Selling Commander for WooCommerce selling-commander-connector allows Privilege Escalation. This issue affects Selling Commander for WooCommerce: from n/a through <= 1.2.46...

AI score: 7 | EPSS: 0.00067
Exploits: 0 | References: 2
EUVD
added 2025/10/03 8:07 p.m. | 3 views

EUVD-2025-18976

Malicious code in bioql PyPI...

CVSS: 8.1 | AI score: 6.3 | EPSS: 0.00237
Exploits: 1 | References: 2
NVD
added 2025/06/25 5:15 p.m. | 2 views

CVE-2025-52576

Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.46, Kanboard is vulnerable to username enumeration and IP spoofing-based brute-force protection bypass. By analyzing login behavior and abusing trusted HTTP headers, an attacker can determine vali...

CVSS: 5.3 | EPSS: 0.00364
Exploits: 0 | References: 4
Debian CVE
added 2025/06/25 4:46 p.m. | 2 views

CVE-2025-52576

Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.46, Kanboard is vulnerable to username enumeration and IP spoofing-based brute-force protection bypass. By analyzing login behavior and abusing trusted HTTP headers, an attacker can determine vali...

CVSS: 5.3 | AI score: 5.4 | EPSS: 0.00364
Exploits: 0
CNNVD
added 2025/06/25 12:00 a.m. | 1 views

Kanboard security vulnerability

Kanboard is a suite of open source visual task board software from Kanboard Open Source. The software has the ability to customize the panels to suit your business. A security vulnerability exists in Kanboard versions prior to 1.2.46 that stems from username enumeration and IP spoofing could lead...

CVSS: 5.3 | AI score: 6.3 | EPSS: 0.00364
Exploits: 0 | References: 5
Cvelist
added 2025/06/24 2:56 a.m. | 6 views

CVE-2025-52560 Kanboard Password Reset Poisoning via Host Header Injection

Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.46, Kanboard allows password reset emails to be sent with URLs derived from the unvalidated Host header when the application_url configuration is unset (default behavior). This allows an attacker to...

CVSS: 8.1 | EPSS: 0.00237
Exploits: 1 | References: 2
Vulnrichment
added 2025/06/24 2:56 a.m. | 2 views

CVE-2025-52560 Kanboard Password Reset Poisoning via Host Header Injection

Kanboard is project management software that focuses on the Kanban methodology. Prior to version 1.2.46, Kanboard allows password reset emails to be sent with URLs derived from the unvalidated Host header when the application_url configuration is unset (default behavior). This allows an attacker to...

CVSS: 8.1 | AI score: 7.1 | EPSS: 0.00237
Exploits: 1 | References: 2
CVE
added 2025/06/24 2:56 a.m. | 22 views

CVE-2025-52560

Kanboard vulnerability CVE-2025-52560 affects Kanboard prior to version 1.2.46 where password reset emails can include URLs derived from an unvalidated Host header if application_url is unset. An attacker can craft a malicious password reset link that leaks the reset token to a domain they contro...

CVSS: 8.8 | AI score: 8.1 | EPSS: 0.00237
Exploits: 1 | References: 2 | Affected Software: 1
OpenVAS
added 2019/01/03 12:00 a.m. | 917 views

Apache Tomcat JK Connector (mod_jk) < 1.2.46 Authentication Bypass Vulnerability - Linux

Apache Tomcat JK Connector (mod_jk) is prone to an authentication bypass vulnerability. Copyright (C) 2019 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later This...

AI score: 6.9
Exploits: 0 | References: 2
RedHat Linux
added 2011/07/28 6:12 p.m. | 36 views

Moderate: Red Hat Security Advisory: libpng security update

Updated libpng packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...

CVSS: 8.8 | AI score: 7.4 | EPSS: 0.07473
Exploits: 2 | References: 4
ALT Linux
added 2011/07/13 12:00 a.m. | 38 views

Security fix for the ALT Linux 5 package libpng version 1.2.46-alt1

July 13, 2011 Dmitry V. Levin 1.2.46-alt1 - Updated to 1.2.46 fixes: CVE-2011-2690, CVE-2011-2691, CVE-2011-2692...

CVSS: 6.8 | AI score: 7.6 | EPSS: 0.07693
Exploits: 2