14 matches found
Telegram Desktop 安全漏洞
Telegram Desktop is the desktop version of Telegram’s open-source instant messaging mobile application. Versions of Telegram Desktop prior to 6.7.5 contained a security vulnerability. This vulnerability stemmed from the function RequestButton in the Bot API component, specifically the handling of...
CVE-2026-2437
The WP Travel Engine – Tour Booking Plugin for WordPress is affected by a Stored Cross‑Site Scripting (XSS) in the wte_trip_tax shortcode, impacting all versions up to and including 6.7.5. The issue arises from insufficient input sanitization and output escaping on user-supplied attributes, enabl...
PT-2026-30314
The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wte trip tax' shortcode in all versions up to, and including, 6.7.5 due to insufficient input sanitization and output escaping on user supplied...
WordPress plugin WP Travel Engine – Tour Booking Plugin – Tour Operator Software 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
pypdf vulnerable to inefficient decoding of ASCIIHexDecode streams
Impact An attacker who uses this vulnerability can craft a PDF which leads to long runtimes. This requires accessing a stream which uses the /ASCIIHexDecode filter. Patches This has been fixed in pypdf==6.7.5. Workarounds If you cannot upgrade yet, consider applying the changes from PR 3666...
PT-2026-23002
Name of the Vulnerable Software and Affected Versions pypdf versions prior to 6.7.5 Description A crafted PDF file can cause excessive processing time when accessing a stream that utilizes the /ASCIIHexDecode filter. This issue affects the pypdf library. Recommendations Update to version 6.7.5 or...
CVE-2025-64359
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in StylemixThemes Consulting consulting allows PHP Local File Inclusion.This issue affects Consulting: from n/a through 6.7.5...
PT-2025-44610
Name of the Vulnerable Software and Affected Versions StylemixThemes Consulting versions prior to 6.7.5 Description An improper control of filename for include/require statement exists in StylemixThemes Consulting, potentially leading to PHP Local File Inclusion. This issue allows for the inclusi...
PT-2024-34506 · Tcpdf +1 · Tcpdf +1
Name of the Vulnerable Software and Affected Versions: TCPDF version 6.7.5 Description: A Local File Inclusion LFI issue has been discovered, allowing a user to read arbitrary files from the server's file system through the src tag in an img element, potentially exposing sensitive information...
TCPDF 安全漏洞
TCPDF is an open source library from Tecnick. It is used to generate PDF documents and barcodes. A security vulnerability exists in TCPDF version 6.7.5, which stems from the inclusion of a local file inclusion vulnerability...
ImageMagick Integer Overflow Vulnerability - 03 June (Windows)
The host is installed with ImageMagick and is prone to integer overflow Vulnerability. OpenVAS Vulnerability Test $Id: gbimagemagickintegeroverflowvuln03jun13win.nasl 8173 2017-12-19 11:45:56Z cfischer $ ImageMagick Integer Overflow Vulnerability - 03 June Windows Authors: Thanga Prakash S...
ImageMagick < 6.7.5-1 Integer Overflow Vulnerability (Jun 2013) - Windows
ImageMagick is prone to an integer overflow vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
ImageMagick Integer Overflow Vulnerability - 01 June13 (Windows)
The host is installed with ImageMagick and is prone to integer overflow Vulnerability. OpenVAS Vulnerability Test $Id: gbimagemagickintegeroverflowvuln01jun13win.nasl 8173 2017-12-19 11:45:56Z cfischer $ ImageMagick Integer Overflow Vulnerability - 01 June13 Windows Authors: Thanga Prakash S...
ImageMagick < 6.7.5-1 Multiple Vulnerabilities
The remote Windows host is running a version of ImageMagick earlier than 6.7.5-1 and is, therefore, affected by the following vulnerabilities : - An integer overflow error exists related to image IFD and IOP tags. CVE-2012-0247 - A parsing error exists related to image IFD and IOP tags that can...