CVE-2025-69100

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in fuelthemes North north-wp allows PHP Local File Inclusion.This issue affects North: from n/a through = 5.7.5...

PT-2025-44467

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 5.7.5 Core Config Manager CCM versions prior to 3.0.8 Description The Core Config Manager CCM in Nagios XI has multiple cross-site scripting XSS issues in the overlay UI elements and the Notification/Check Period...

CVE-2024-47392

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bdthemes Element Pack Elementor Addons bdthemes-element-pack-lite allows Stored XSS.This issue affects Element Pack Elementor Addons: from n/a through = 5.7.5...

WordPress plugin Element Pack Elementor Addons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

CVE-2023-36512

CVE-2023-36512 is a Broken Access Control vulnerability in the WordPress plugin AutomateWoo (

WordPress plugin AutomateWoo security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

GHSA-32VJ-V39G-JH23 spring-security-oauth2-client vulnerable to Privilege Escalation

Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can modify a request initiated by the Client via the browser to the Authorization Server which...

CVE-2022-1257

Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sensitive information has been moved to encrypted database files...

Nagios XI Arbitrary File Upload Vulnerability

Nagios XI is a commercial monitoring solution built on Nagios Core, including dashboards, web-based configuration, advanced reporting and rich data visualization. An arbitrary file upload vulnerability exists in Nagios XI 5.7.5 and earlier versions. The vulnerability stems from improper validatio...

Nagios 安全漏洞

Nagios is a set of open source and free network monitoring tools from the American company Nagios. A privilege-granting and access-control error vulnerability exists in Nagios Fusion version 4.1.8 and earlier and Nagios XI version 5.7.5 and earlier, which can be exploited by an attacker to escala...

Nagios XI Prior to 5.8.0 - Plugins Filename Authenticated Remote Code Exection

This module exploits a command injection vulnerability CVE-2020-35578 in the /admin/monitoringplugins.php page of Nagios XI versions prior to 5.8.0 when uploading plugins. Successful exploitation allows an authenticated admin user to achieve remote code execution as the apache user by uploading a...

Command injection

Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/switch/switch.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command...

PT-2021-7665 · Nagios Xi · Nagios Xi

Name of the Vulnerable Software and Affected Versions: Nagios XI version xi-5.7.5 Description: The issue is related to OS command injection due to improper sanitization of authenticated user-controlled input by a single HTTP request. This can lead to OS command injection on the Nagios XI server...

Nagios XI Input Validation Error Vulnerability

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. An input validation error vulnerability exists in the "Auto Discovery" component of Nagios XI prior to...

Oracle MySQL Denial Of Service Vulnerability (Feb 2017) - Linux

Oracle MySQL is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-3302

Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3...

CVE-2017-3302

Crash in libmysqlclient.so in Oracle MySQL before 5.6.21 and 5.7.x before 5.7.5 and MariaDB through 5.5.54, 10.0.x through 10.0.29, 10.1.x through 10.1.21, and 10.2.x through 10.2.3...