201 matches found
Fedora 42 : kea (2025-92b4ae7199)
The remote Fedora 42 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2025-92b4ae7199 advisory. - New version 3.0.1 rhbz2391289 - Fixes CVE-2025-40779 rhbz2391373 Tenable has extracted the preceding description block directly from the Fedora security...
CVE-2025-58593
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeisle Orbit Fox by ThemeIsle themeisle-companion allows Stored XSS.This issue affects Orbit Fox by ThemeIsle: from n/a through = 3.0.0...
PT-2025-34311 · Sftpclient · Xftp Client
Name of the Vulnerable Software and Affected Versions: Xftp FTP Client versions through 3.0 build 0238 Description: Xftp FTP Client versions up to and including 3.0 build 0238 contain a stack-based buffer overflow vulnerability. This issue is triggered by a maliciously crafted PWD response from a...
Mobile Industrial Robots MiR Robots 安全漏洞
Mobile Industrial Robots MiR Robots is an autonomous mobile robot from Mobile Industrial Robots, Denmark. A security vulnerability exists in Mobile Industrial Robots MiR Robots versions prior to 3.0.0, which originates from stored cross-site scripting and could lead to the execution of arbitrary...
Siemens SINEC Traffic Analyzer 信息泄露漏洞
Siemens SINEC Traffic Analyzer is a network traffic analysis tool from Siemens Germany. An information disclosure vulnerability exists in Siemens SINEC Traffic Analyzer versions prior to V3.0, which originates from an internal service port exposure that could lead to unauthorized access...
PT-2025-32354 · Mobile Industrial Robots · Mobile Industrial Robots
Name of the Vulnerable Software and Affected Versions: Mobile Industrial Robots MiR versions prior to 3.0.0 Description: A path traversal vulnerability exists in an API endpoint within Mobile Industrial Robots MiR software. Authenticated users can extract files from the robot file system by...
WordPress Litho theme <= 3.0 - Arbitrary File Deletion Vulnerability
Arbitrary File Deletion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Litho versions = 3.0...
PHPGurukul Car Rental Portal 安全漏洞
Car Rental Portal is a rental car portal. Car Rental Portal suffers from a cross-site request forgery vulnerability that arises from a web application that does not adequately validate that a request is coming from a trusted user. The vulnerability can be exploited by an attacker to spoof a...
CVE-2024-43040
Renwoxing Enterprise Intelligent Management System before v3.0 was discovered to contain a SQL injection vulnerability via the parid parameter at /fx/baseinfo/SearchInfo...
CVE-2023-24804
The ownCloud Android app allows ownCloud users to access, share, and edit files and folders. Prior to version 3.0, the app has an incomplete fix for a path traversal issue and is vulnerable to two bypass methods. The bypasses may lead to information disclosure when uploading the app’s internal...
CVE-2022-22881
Jeecg-boot v3.0 was discovered to contain a SQL injection vulnerability via the code parameter in /sys/user/queryUserComponentData...
CVE-2017-20157
A vulnerability was found in Ariadne Component Library up to 2.x. It has been classified as critical. Affected is an unknown function of the file src/url/Url.php. The manipulation leads to server-side request forgery. Upgrading to version 3.0 is able to address this issue. It is recommended to...
CVE-2025-47628
Missing Authorization vulnerability in quomodosoft QS Dark Mode allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects QS Dark Mode: from n/a through 3.0...
eCommerce-website-in-PHP 安全漏洞
eCommerce-website-in-PHP is a free and open source php e-commerce platform by scriptandtools individual developers. A security vulnerability exists in eCommerce-website-in-PHP version 3.0, which stems from vulnerability to cross-site request forgery attacks...
WordPress plugin Planyo online reservation system 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...
springboot-manager 代码注入漏洞
springboot-manager is a backend management system based on SpringBoot + Thymeleaf + Layui + Apache Shiro + Redis + Mybatis Plus by an individual developer in China, liwenbin. A code injection vulnerability exists in springboot-manager version 3.0, which originates from cross-site scripting and...
springboot-manager 代码注入漏洞
springboot-manager is a backend management system based on SpringBoot + Thymeleaf + Layui + Apache Shiro + Redis + Mybatis Plus by an individual developer in China, liwenbin. A code injection vulnerability exists in springboot-manager version 3.0, which originates from cross-site scripting and...
Founder Electronics Enjoys All-Media Acquisition and Editing System 注入漏洞
Founder Electronics Enjoys All-Media Acquisition and Editing System is an all-media acquisition and editing system from China's Founder Electronics. An injection vulnerability exists in Founder Electronics Enjoys All-Media Acquisition and Editing System version 3.0, which stems from an incorrect...
WordPress plugin Reservit Hotel 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
PT-2025-7300 · Phpjabbers · Phpjabbers Restaurant Booking System
Name of the Vulnerable Software and Affected Versions: PHPJabbers Restaurant Booking System version 3.0 Description: The issue concerns multiple HTML injection vulnerabilities in the parameters name, plugin sms api key, plugin sms country code, and title. This allows for potential malicious HTML...