7 matches found
EUVD-2026-39492
pnpm Vulnerable to Arbitrary File Write/Delete via Malicious Patch File Path Traversal...
CVE-2026-50573
pnpm is a package manager. Prior to 10.34.0 and 11.4.0, pnpm install in non-frozen mode can accept new remote package content after detecting that the downloaded tarball does not match the integrity recorded in pnpm-lock.yaml. When a package is already locked with an integrity value, and the...
PT-2025-49879
Cross-Site Request Forgery CSRF vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Cross Site Request Forgery.This issue affects Salon booking system: from n/a through = 10.30.3...
PT-2023-14300 · Gx · Xperiencentral
Name of the Vulnerable Software and Affected Versions: GX Software XperienCentral versions 10.36.0 and earlier Description: The issue allows unauthorized users to post data to the server by sending POST requests to the /web/mvc endpoint if they can bypass other security filters. Recommendations:...
PT-2023-14175 · WordPress · Subscribe2
Name of the Vulnerable Software and Affected Versions: Subscribe2 WordPress plugin versions prior to 10.38 Description: The issue allows attackers to make a logged-in admin delete arbitrary users by knowing their email via a CSRF attack, due to the lack of a CSRF check when deleting users...
CVE-2021-35037
Jamf Pro before 10.30.1 allows for an unvalidated URL redirect vulnerability affecting Jamf Pro customers who host their environments on-premises. An attacker may craft a URL that appears to be for a customer's Jamf Pro instance, but when clicked will forward a user to an arbitrary URL that may b...
PCRE Buffer Overflow Vulnerability
PCRE Perl Compatible Regular Expressions is a software developer Philip Hazel developed a use of C language written in open source regular expression library. A buffer overflow vulnerability exists in versions of PCRE prior to 10.34. The vulnerability stems from a networked system or product...