8 matches found
CVE-2026-7505 nextlevelbuilder GoClaw/GoClaw Lite RPC improper authorization
A flaw has been found in nextlevelbuilder GoClaw and GoClaw Lite up to 3.8.5. This affects an unknown function of the component RPC Handler. This manipulation causes improper authorization. The attack may be initiated remotely. The exploit has been published and may be used. Upgrading to version...
CVE-2026-7505
The CVE-2026-7505 flaw affects nextlevelbuilder GoClaw and GoClaw Lite (up to v3.8.5) in an RPC Handler function, enabling improper authorization that could be exploited remotely. The issue has been assigned a Proof-of-Concept maturity with remote attack potential; upgrading to v3.9.0 is the offi...
EUVD-2026-10140
Improper handling of configuration values in ZKConfig in Apache ZooKeeper 3.8.5 and 3.9.4 on all platforms allows an attacker to expose sensitive information stored in client configuration in the client's logfile. Configuration values are exposed at INFO level logging rendering potential producti...
CVE-2026-24308 Apache ZooKeeper: Sensitive information disclosure in client configuration handling
Improper handling of configuration values in ZKConfig in Apache ZooKeeper 3.8.5 and 3.9.4 on all platforms allows an attacker to expose sensitive information stored in client configuration in the client's logfile. Configuration values are exposed at INFO level logging rendering potential producti...
Apache Zookeeper 安全漏洞
Apache Zookeeper is a software project of the Apache Foundation in the United States. It provides open-source distributed configuration services, synchronization services, and naming and registration functions for large-scale distributed computing systems. Versions 3.8.5 and 3.9.4 of Apache...
PT-2024-23403 · WordPress · Wordpress Announcement & Notification Banner Plugin – Bulletin
Name of the Vulnerable Software and Affected Versions: WordPress Announcement & Notification Banner Plugin – Bulletin versions 3.8.5 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allo...
WordPress Simple Membership plugin cross-site request forgery vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Simple Membership plugin is used in one of the website membership plugin. A cross-site request forgery vulnerability exists in the Bulk...
Joomla! SQL Injection Vulnerability (CNVD-2018-06458)
Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. A SQL injection vulnerability exists in the user comments list view in Joomla!...