21 matches found
EUVD-2021-24026
Malware in sbrugna...
EUVD-2025-8338
Malicious code in bioql PyPI...
CVE-2021-37440
NCH Axon PBX v2.22 and earlier allows path traversal for file disclosure via the logprop?file=/.. substring...
CVE-2025-30862 WordPress reCAPTCHA for all plugin <= 2.22 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in sminozzi reCAPTCHA for all recaptcha-for-all allows Cross Site Request Forgery. This issue affects reCAPTCHA for all: from n/a through <= 2.22...
CVE-2025-30862
CVE-2025-30862 is a CSRF vulnerability in the WordPress plugin reCAPTCHA for all (vulnerable up to and including 2.22). Exploitation details are not provided beyond CSRF context, but Patchstack/NVD entries indicate the issue has a CVSS v3.1 base score of 4.3 (Medium) with no privileges required a...
WordPress Pure Chat plugin <= 2.22 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by Majed Refaea (Patchstack Alliance) in WordPress Plugin Pure Chat versions <= 2.22...
WordPress plugin Pure Chat security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in the...
WordPress Pure Chat plugin <= 2.22 - Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability
Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability discovered by Lucio Sá in WordPress Plugin Pure Chat versions <= 2.22...
Cross site request forgery (csrf)
Cross-Site Request Forgery (CSRF) vulnerability in Didier Sampaolo SpamReferrerBlock plugin = 2.22 versions...
Schneider Electric EcoStruxure Power Build path traversal vulnerability
Schneider Electric EcoStruxure Power Build is a power distribution management software from Schneider Electric, France. The software helps users design, build, commission, operate and maintain electrical installations. A path traversal vulnerability exists in versions of Schneider Electric...
PT-2022-3480 · Schneider Electric · Ecostruxure Power Commission
Name of the Vulnerable Software and Affected Versions: EcoStruxure Power Commission versions prior to V2.22 Description: The issue is related to an improper limitation of a pathname to a restricted directory, also known as a 'Path Traversal' vulnerability. This could allow a remote attacker to...
CVE-2021-37461
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /extensionsinstruction?id= (reflected)...
CVE-2021-37458
Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the primary phone field (stored)...
Remote code execution
A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers used by GitHub Pages were not sufficiently restricted and made it possible to execute commands on the...
ABB M2M ETHERNET Improper Authentication Vulnerability
ABB M2M ETHERNET is a network analysis device from ABB Switzerland. An authorization issue vulnerability exists in ABB M2M ETHERNET FW version 2.22 and earlier and ETH-FW version 1.01 and earlier. An attacker can exploit this vulnerability to upload malicious language files...
ABB M2M ETHERNET
1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable from an adjacent network/low skill level to exploit Vendor: ABB Equipment: M2M ETHERNET Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to upload a malicious...
Kshop 2.22 'kshop_search.php' Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/30576/info Kshop is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input data. An attacker may leverage this issue to execute arbitrary script code in the browser of ...
Michael Kohn Ringtone Tools 2.22 EMelody File Remote Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12010/info Ringtone Tools is reported prone to a remote buffer overflow vulnerability. This issue arises because the application fails to carry out proper boundary checks before copying user-supplied data in to sensitive...
PHP ICalender 2.22 Index.PHP Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/18721/info PHP iCalender is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser...
Mozilla SeaMonkey Multiple Vulnerabilities-01 (Nov 2013) - Windows
Mozilla SeaMonkey is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:seamonkey";...