9 matches found
CVE-2025-68001
Unrestricted Upload of File with Dangerous Type vulnerability in garidium g-FFL Checkout g-ffl-checkout allows Upload a Web Shell to a Web Server.This issue affects g-FFL Checkout: from n/a through = 2.1.0...
CVE-2025-64323 kgateway is missing xDS authorization
kgateway is a Cloud-Native API and AI Gateway. Versions 2.0.4 and below and 2.1.0-agw-cel-rbac through 2.1.0-rc.2 lack authentication, allowing any client with unrestricted network access to the xDS port to retrieve potentially sensitive configuration data including certificate data, backend...
CVE-2025-60235
Unrestricted Upload of File with Dangerous Type vulnerability in Plugify Support Ticket System for WooCommerce Premium support-ticket-system-for-woocommerce allows Using Malicious Files.This issue affects Support Ticket System for WooCommerce Premium: from n/a through = 2.0.7...
EUVD-2021-28047
Malicious code in bioql PyPI...
CVE-2024-32343
A cross-site scripting XSS vulnerability in the Create Page of Boid CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content parameter...
CVE-2024-10884
The SimpleForm Contact Form Submissions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of addqueryarg & removequeryarg without appropriate escaping on the URL in all versions up to, and including, 2.1.0. This makes it possible for unauthenticated attackers to...
CVE-2024-3895
The WP Datepicker plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpdpaddnewdatepickerajax function in all versions up to, and including, 2.1.0. This makes it possible for authenticated attackers, with subscriber-level access and...
CVE-2024-32343
A cross-site scripting XSS vulnerability in the Create Page of Boid CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Content parameter...
MetadataExtractor Stack Overflow Vulnerability
MetadataExtractor is a .NET library for extracting metadata such as Exif, IPT, XMP and ICC from image and video files. A security vulnerability exists in MetadataExtractor version 2.1.0. An attacker can exploit this vulnerability to cause a denial of service stack consumption...