5 matches found
PT-2026-31305
Name of the Vulnerable Software and Affected Versions Page Builder: Pagelayer plugin for WordPress versions up to and including 2.0.8 Description The Page Builder: Pagelayer plugin for WordPress is susceptible to Stored Cross-Site Scripting via the Button widget's Custom Attributes field. This is...
CVE-2025-48069 ejson2env has insufficient input sanitization
ejson2env allows users to decrypt EJSON secrets and export them as environment variables. Prior to version 2.0.8, the ejson2env tool has a vulnerability related to how it writes to stdout. Specifically, the tool is intended to write an export statement for environment variables and their values...
PT-2023-3650 · Unknown · Spidercontrol Scada Web Server
Name of the Vulnerable Software and Affected Versions: SpiderControl SCADA Webserver versions 2.08 and prior Description: The issue exists due to incorrect restriction of the path name to a directory with limited access. Exploitation of this issue may allow a remote attacker to cause a...
SUSE-SU-2018:1850-1 Security update for python-paramiko
This update for python-paramiko to version 2.0.8 fixes the following issues: - CVE-2018-7750: transport.py in the SSH server implementation of Paramiko did not properly check whether authentication is completed processing other requests. A customized SSH client could have skipped the authenticati...
VulnCheck KEV: CVE-2009-3041
SPIP 1.9 before 1.9.2i and 2.0.x through 2.0.8 does not use proper access control for 1 ecrire/exec/install.php and 2 ecrire/index.php, which allows remote attackers to conduct unauthorized activities related to installation and backups, as exploited in the wild in August 2009...