aa-charlink (>=0.1.1 <=1.0.0), aa-drifters (=0.1.0a0) +507 more potentially affected by CVE-2025-57833 via django (>=4.0.0 <=4.2.23)

django PYPI version =4.0.0, =0.1.1, =1.0.0, =0.1.0a0, =0.11.0a0, =0.1.1, =1.1.0, =0.1.0, =0.0.3, =4.0.9.0, =65.10.0, =65.10.3 and more Source cves: CVE-2025-57833 Source advisory: SNYK:PYTHON-DJANGO-12485156...

WordPress MultiVendorX plugin <= 4.2.23 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika in WordPress Plugin MultiVendorX versions = 4.2.23...

BigTree CMS cross-site scripting vulnerability (CNVD-2018-21319)

Fastspot BigTree is the United States Fastspot company based on PHP and MySQL open source content management system CMS. A cross-site scripting vulnerability exists in /admin/ajax/file-browser/upload/ in Fastspot BigTree version 4.2.23. A remote attacker can exploit this vulnerability to inject...

CVE-2018-18308

In the 4.2.23 version of BigTree, a Stored XSS vulnerability has been discovered in /admin/ajax/file-browser/upload/ aka the image upload area...

Cross site scripting

In the 4.2.23 version of BigTree, a Stored XSS vulnerability has been discovered in /admin/ajax/file-browser/upload/ aka the image upload area...