Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/02/20 1:26 p.m.6 views

CVE-2026-25418

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Bit Apps Bit Form bit-form allows SQL Injection.This issue affects Bit Form: from n/a through = 2.21.10...

7.6CVSS5.9AI score0.00276EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/19 8:27 a.m.3 views

CVE-2026-25418

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in bitpressadmin Bit Form bit-form allows SQL Injection.This issue affects Bit Form: from n/a through = 2.21.10...

5.8AI score0.00276EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.5 views

PT-2026-20740

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in bitpressadmin Bit Form bit-form allows SQL Injection.This issue affects Bit Form: from n/a through = 2.21.10...

5.8AI score0.00276EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/28 9:16 a.m.6 views

WordPress Bit Form plugin <= 2.21.10 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Bit Form versions = 2.21.10...

7.6CVSS5.9AI score0.00276EPSS
Exploits0Affected Software1
OSV
OSV
added 2025/12/28 3:15 p.m.6 views

CVE-2025-15141

A vulnerability was determined in Halo up to 2.21.10. This issue affects some unknown processing of the file /actuator of the component Configuration Handler. Executing a manipulation can lead to information disclosure. The attack may be performed from remote. This attack is characterized by high...

2.3CVSS3.9AI score
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/28 12:0 a.m.5 views

PT-2025-53656

Name of the Vulnerable Software and Affected Versions Halo versions up to 2.21.10 Description A flaw exists in Halo, specifically within the Configuration Handler component. This issue involves the processing of the /actuator file and can lead to information disclosure. The attack can be carried...

3.1CVSS5.5AI score0.00217EPSS
Exploits0References9
Cvelist
Cvelist
added 2025/12/06 5:32 a.m.18 views

CVE-2025-14117 fit2cloud Halo cross-site request forgery

A vulnerability has been found in fit2cloud Halo 2.21.10. Impacted is an unknown function. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure...

5.3CVSS0.00199EPSS
Exploits1References5
Rows per page
Query Builder