65 matches found
Allocation of Resources Without Limits or Throttling
Overview: brace-expansion is a Brace expansion as known from sh/bash. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling through the max option being applied after generating all elements in a large numeric range. An attacker can exhaust system...
CVE-2026-32813
Admidio has a second-order SQL injection via its list configuration feature. Authenticated users can store arbitrary values in the list configuration (notably in lsc_special_field, lsc_sort, and lsc_filter) which are later interpolated unsafely into SQL during list rendering, enabling data exfilt...
CVE-2026-32757
Admidio is an open-source user management solution. In versions 5.0.6 and below, the eCard send handler uses a raw `$_POST['ecardmessage']` value instead of the HTMLPurifier-sanitized `$formValues['ecardmessage']` when constructing the greeting card HTML. This allows an authenticated attacker to inject...
Admidio security vulnerability
Admidio is a set of open-source member management systems developed by the Admidio team. This system supports features such as member lists, event management, message boards, photo albums, and downloads. Versions of Admidio 5.0.6 and earlier have security vulnerabilities; these vulnerabilities st...
CVE-2026-32756
CVE-2026-32756 is linked to a file upload RCE in Admidio (Documents & Files module). The GitHub advisory describes a design flaw in UploadHandlerFile.php where the uploaded file is saved to disk before CSRF and file-extension checks run. If CSRF validation fails (invalid token), the extension che...
CVE-2026-32816 Admidio has Missing CSRF Validation on Role Delete, Activate, and Deactivate Actions
Admidio is an open-source user management solution. In versions 5.0.0 through 5.0.6, the delete, activate, and deactivate modes in modules/groups-roles/groupsroles.php perform destructive state changes on organizational roles but never validate an anti-CSRF token. The client-side UI passes a CSRF...
CVE-2023-49162
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BigCommerce BigCommerce For WordPress. This issue affects BigCommerce For WordPress: from n/a through 5.0.6...
EUVD-2019-10610
Malware in sbrugna...
EUVD-2019-14063
Malware in sbrugna...
EUVD-2020-20466
Malware in sbrugna...
EUVD-2024-20998
Malicious code in bioql PyPI...
EUVD-2022-7019
Malicious code in bioql PyPI...
EUVD-2023-36393
Malicious code in bioql PyPI...
EUVD-2023-36398
Malicious code in bioql PyPI...
CVE-2025-57975
Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Team: from n/a through <= 5.0.6...
CVE-2025-57975 WordPress Team Plugin <= 5.0.6 - Broken Access Control Vulnerability
Missing Authorization vulnerability in RadiusTheme Team tlp-team allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Team: from n/a through <= 5.0.6...
CVE-2025-58601
Missing Authorization vulnerability in RadiusTheme Classified Listing classified-listing allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Classified Listing: from n/a through <= 5.0.6...
PT-2025-35735
Name of the Vulnerable Software and Affected Versions: RadiusTheme Classified Listing versions n/a through 5.0.6. Description: A missing authorization flaw exists in RadiusTheme Classified Listing due to incorrectly configured access control security levels. Recommendations: Update RadiusTheme...