12 matches found

OSV
added 2026/01/08 3:23 p.m. | 5 views

CVE-2026-22245 Mastodon has SSRF Protection bypass

Mastodon is a free, open-source social network server based on ActivityPub. By nature, Mastodon performs a lot of outbound requests to user-provided domains. Mastodon, however, has some protection mechanism to disallow requests to local IP addresses unless specified in ALLOWED_PRIVATE_ADDRESSES to...

CVSS 7.1 | AI score 6.2 | EPSS 0.00034
Exploits: 0 | References: 6
OSV
added 2025/10/22 9:19 p.m. | 2 views

CVE-2025-62617 Admidio Vulnerable to Authenticated SQL Injection in Member Assignment Functionality

Admidio is an open-source user management solution. Prior to version 4.3.17, an authenticated SQL injection vulnerability exists in the member assignment data retrieval functionality of Admidio. Any authenticated user with permissions to assign members to a role such as an administrator can explo...

CVSS 7.2 | AI score 8.2 | EPSS 0.00045
Exploits: 1 | References: 4
Vulnrichment
added 2025/10/22 9:19 p.m. | 1 views

CVE-2025-62617 Admidio Vulnerable to Authenticated SQL Injection in Member Assignment Functionality

Admidio is an open-source user management solution. Prior to version 4.3.17, an authenticated SQL injection vulnerability exists in the member assignment data retrieval functionality of Admidio. Any authenticated user with permissions to assign members to a role such as an administrator can explo...

CVSS 7.2 | AI score 7.8 | EPSS 0.00045
Exploits: 1 | References: 2
Snyk
added 2025/10/22 4:46 p.m. | 2 views

SQL Injection

Overview: admidio/admidio is a free open source user management system for websites of organizations and groups. Affected versions of this package are vulnerable to SQL Injection via the filterroluuid parameter in the membersassignmentdata.php process. An attacker can execute arbitrary SQL command...

CVSS 8.6 | AI score 8.1 | EPSS 0.00045
Exploits: 1 | References: 2
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2015-1565

Malware in sbrugna...

CVSS 9.8 | AI score 9.3 | EPSS 0.00436
Exploits: 0 | References: 2
RedhatCVE
added 2025/05/22 5:37 p.m. | 6 views

CVE-2020-36831

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on multiple user privilege/security functions provided in versions up to, and including 4.3.17. This makes it possible for low-privileged attackers, like...

CVSS 6.5 | AI score 6.8 | EPSS 0.00261
Exploits: 0
CNNVD
added 2024/10/16 12:0 a.m. | 2 views

WordPress plugin NextScripts: Social Networks Auto-Poster Access Control Error Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. An Access Control Error vulnerability exists in WordPres...

CVSS 6.5 | AI score 6.7 | EPSS 0.00261
Exploits: 0 | References: 2
Positive Technologies
added 2024/10/15 12:0 a.m. | 2 views

PT-2024-10841 · WordPress · Nextscripts: Social Networks Auto-Poster

Name of the Vulnerable Software and Affected Versions: NextScripts: Social Networks Auto-Poster plugin for WordPress versions prior to 4.3.17 Description: The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on...

CVSS 6.5 | AI score 6.8 | EPSS 0.00261
Exploits: 0 | References: 49
CNNVD
added 2024/07/09 12:0 a.m. | 2 views

ifm electronic Smart PLC AC14xx and ifm electronic Smart PLC AC4xxS Trust Management Issue Vulnerability

The ifm electronic Smart PLC AC14xx and ifm electronic Smart PLC AC4xxS are both a series of hosts/gateways from ifm electronic Germany. A trust management issue vulnerability exists in ifm electronic Smart PLC AC14xx and ifm electronic Smart PLC AC4xxS versions 4.3.17 and earlier, which originat...

CVSS 9.1 | AI score 6.9 | EPSS 0.01045
Exploits: 0 | References: 3
CNNVD
added 2024/07/09 12:0 a.m. | 2 views

Smart PLC AC14xx and Smart PLC AC4xxS Operating System Command Injection Vulnerability

The ifm electronic Smart PLC AC14xx and ifm electronic Smart PLC AC4xxS are a series of hosts/gateways from ifm electronic, Germany. An operating system command injection vulnerability exists in Smart PLC AC14xx and Smart PLC AC4xxS versions 4.3.17 and earlier, which originates from a remote...

CVSS 7.2 | AI score 7.7 | EPSS 0.00835
Exploits: 0 | References: 2
NVD
added 2017/08/28 3:29 p.m. | 10 views

CVE-2015-1430

Buffer overflow in xymon 4.3.17-1...

CVSS 9.8 | AI score 9.7 | EPSS 0.00436
Exploits: 0 | References: 1
Debian CVE
added 2017/08/28 3:0 p.m. | 18 views

CVE-2015-1430

Buffer overflow in xymon 4.3.17-1...

CVSS 9.8 | AI score 9.2 | EPSS 0.00436
Exploits: 0