17 matches found
EUVD-2025-2799
Malicious code in bioql PyPI...
EUVD-2025-8556
Malicious code in bioql PyPI...
EUVD-2022-3067
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2017-5368
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, is vulnerable to CSRF (Cross Site Request Forgery) which allows a remote attack to make...
CVE-2025-22519
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in jerodmoore eDoc Easy Tables edoc-easy-tables allows SQL Injection. This issue affects eDoc Easy Tables: from n/a through <= 1.29...
Backdrop CMS Security Vulnerability
Backdrop CMS is an open source content management system (CMS). A security vulnerability exists in Backdrop CMS version 1.28.x prior to version 1.28.5 and version 1.29.x prior to version 1.29.3, which stems from a failure to adequately isolate long text content when using CKEditor ...
WordPress plugin eDoc Easy Tables SQL Injection Vulnerability
WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. A WordPress plugin is an application plugin. A SQL injection vulnerability exists in WordPress plugin eDoc Easy Tables version 1.29 and earlier...
WordPress eDoc Easy Tables plugin <= 1.29 - CSRF to SQL Injection vulnerability
CSRF to SQL Injection vulnerability discovered by João Pedro Soares de Alcântara Kinorth in WordPress Plugin eDoc Easy Tables versions <= 1.29...
WordPress VdoCipher plugin <= 1.29 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) vulnerability discovered by stealthcopter (Patchstack Alliance) in WordPress Plugin VdoCipher versions <= 1.29...
WordPress Schema & Structured Data for WP & AMP plugin <= 1.29 - Authenticated (Contributor+) Stored Cross-Site Scripting via How To and FAQ Blocks vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting via How To and FAQ Blocks vulnerability discovered by stealthcopter in WordPress Plugin Schema & Structured Data for WP & AMP versions <= 1.29...
CloudBees Jenkins Radiator View Cross-Site Scripting Vulnerability
CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from the United States company CloudBees. The product is mainly used to monitor continuous software release/testing projects and to run scheduled tasks. A cross-site scripting...
LJcms v1.29 SQL Injection Vulnerability
LJCMS is an enterprise website building system built on a PHP + MySQL architecture, described as very SEO friendly, full-featured, safe and stable, with multi-terminal display support and extremely simple to use. LJcms v1.29 has a SQL injection vulnerability; attackers can use the vulnerability to obtain sensitive informatio...
mediawiki: $wgRateLimits (rate limit / ping limiter) entry for 'user' overrides that for 'newbie'
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where contrary to the documentation, $wgRateLimits entry for 'user' overrides that for 'newbie'...
mediawiki: BotPassword can bypass CentralAuth's account lock
Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock...
DEBIAN-CVE-2017-5367
Multiple reflected XSS vulnerabilities exist within form and link input parameters of ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, which allows a remote attacker to execute malicious scripts within an authenticated client's browser. The URL is /zm/index.php and sample...
UBUNTU-CVE-2017-5367
Multiple reflected XSS vulnerabilities exist within form and link input parameters of ZoneMinder v1.30 and v1.29, an open-source CCTV server web application, which allows a remote attacker to execute malicious scripts within an authenticated client's browser. The URL is /zm/index.php and sample...
DirectAdmin 1.28/1.29 - 'CMD_FTP_SHOW' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21049/info DirectAdmin is prone to multiple cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in th...