11 matches found
EUVD-2026-15534
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in G5Theme Handmade Framework handmade-framework allows Reflected XSS.This issue affects Handmade Framework: from n/a through = 3.9...
EUVD-2026-11872
Missing Authorization vulnerability in Cozy Vision SMS Alert Order Notifications sms-alert allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SMS Alert Order Notifications: from n/a through = 3.9.0...
WordPress plugin Tutor LMS 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
JeecgBoot 授权问题漏洞
JeecgBoot is a Java low-code platform for enterprise web applications from China National Torch Jeecg. An authorization issue vulnerability exists in JeecgBoot 3.9.0 and earlier versions, which stems from a vulnerability in the file...
CVE-2025-66043
Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 3...
CVE-2025-39481 WordPress Eventer plugin < 3.11.4 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in imithemes Eventer eventer allows Blind SQL Injection.This issue affects Eventer: from n/a through 3.11.4...
CVE-2025-28056
rebuild v3.9.0 through v3.9.3 has a SQL injection vulnerability in /admin/admin-cli/exec component...
CVE-2025-31806 WordPress Webling plugin <= 3.9.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in uSystems Webling webling allows Stored XSS.This issue affects Webling: from n/a through = 3.9.0...
DLA-4087-1 python3.9 - security update
Bulletin has no description...
Humming Heads Defense Platform 安全漏洞
Humming Heads Defense Platform is a network security software from Humming Heads, Inc. A security vulnerability exists in Humming Heads Defense Platform Ver.3.9.51.x and prior versions that originated from a vulnerability that allows an attacker to send a specially crafted message to modify syste...
CVE-2019-12215
A full path disclosure vulnerability was discovered in Matomo v3.9.1 where a user can trigger a particular error to discover the full path of Matomo on the disk, because lastError.file is used in plugins/CorePluginsAdmin/templates/safemode.twig. NOTE: the vendor disputes the significance of this...