13 matches found
WordPress plugin Cliengo security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
CVE-2025-21131
Substance3D - Stager versions 3.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
iTop path traversal vulnerability
iTop is a platform that provides all the resources needed to optimize iTop. A security vulnerability exists in iTop versions 3.0.4 and 3.1.1 that stems from a flaw in the dashboard editor. An attacker exploiting this vulnerability could load multiple files and URLs, as well as expose the full pat...
CVE-2024-25293
mjml-app versions 3.0.4 and 3.1.0-beta were discovered to contain a remote code execution (RCE) via the href attribute...
Cross site scripting
iTop is an open source, web-based IT service management platform. Prior to versions 3.0.4 and 3.1.0, on pages/UI.php, cross site scripting is possible. This issue is fixed in versions 3.0.4 and 3.1.0...
CVE-2023-34447 iTop XSS vulnerability on pages/UI.php
iTop is an open source, web-based IT service management platform. Prior to versions 3.0.4 and 3.1.0, on pages/UI.php, cross site scripting is possible. This issue is fixed in versions 3.0.4 and 3.1.0...
CVE-2023-34447 iTop XSS vulnerability on pages/UI.php
iTop is an open source, web-based IT service management platform. Prior to versions 3.0.4 and 3.1.0, on pages/UI.php, cross site scripting is possible. This issue is fixed in versions 3.0.4 and 3.1.0...
CVE-2023-34446 iTop XSS vulnerability on pages/preferences.php
iTop is an open source, web-based IT service management platform. Prior to versions 3.0.4 and 3.1.0, when displaying pages/preferences.php, cross site scripting is possible. This issue is fixed in versions 3.0.4 and 3.1.0...
CVE-2023-34446 iTop XSS vulnerability on pages/preferences.php
iTop is an open source, web-based IT service management platform. Prior to versions 3.0.4 and 3.1.0, when displaying pages/preferences.php, cross site scripting is possible. This issue is fixed in versions 3.0.4 and 3.1.0...
PT-2023-24882 · Itop +1 · Itop +1
Name of the Vulnerable Software and Affected Versions: iTop versions prior to 3.0.4 and 3.1.0 Description: iTop is an open source, web-based IT service management platform. Cross site scripting is possible on pages/UI.php in versions prior to 3.0.4 and 3.1.0. Recommendations: For versions prior t...
SUSE CVE-2019-3773
Spring Web Services, versions 2.4.3, 3.0.4, and older unsupported versions of all three projects, were susceptible to XML External Entity Injection (XXE) when receiving XML data from untrusted sources...
UBUNTU-CVE-2022-45442
Sinatra is a domain-specific language for creating web applications in Ruby. An issue was discovered in Sinatra 2.0 before 2.2.3 and 3.0 before 3.0.4. An application is vulnerable to a reflected file download (RFD) attack that sets the Content-Disposition header of a response when the filename is...
Monstra CMS Cross-Site Scripting Vulnerability
Monstra CMS is a lightweight PHP-based content management system (CMS) developed by Ukrainian software developer Sergey Romanenko. The system is easy to install and use, scalable and so on. A cross-site scripting vulnerability exists in the 'title' function of the plugins/box/pages/pages.plugin.php...