8 matches found
CVE-2026-9303 calcom cal.diy cross-site request forgery
A vulnerability was identified in calcom cal.diy up to 4.9.4. Impacted is an unknown function. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. The vendor was contacted early about this...
PT-2026-31121
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PublishPress Post Expirator post-expirator allows DOM-Based XSS.This issue affects Post Expirator: from n/a through = 4.9.4...
CVE-2025-52795 WordPress WP Front User Submit / Front Editor plugin <= 5.0.6 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in aharonyan WP Front User Submit / Front Editor front-editor allows Cross Site Request Forgery.This issue affects WP Front User Submit / Front Editor: from n/a through = 5.0.6...
WordPress plugin WP Front User Submit / Front Editor 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forge...
CVE-2021-35522
A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers to achieve code execution, denial of services, and information disclosure via TCP/IP packets...
RaidenMAILD Mail Server 安全漏洞
RaidenMAILD Mail Server is an easy-to-use SMTP/POP3/IMAP4/WebMail mail server from RaidenMAILD. A security vulnerability exists in RaidenMAILD Mail Server v.4.9.4 and earlier versions, which stems from a directory traversal vulnerability. The vulnerability can be exploited to obtain sensitive...
PT-2024-23428 · Unknown · Download Monitor
Name of the Vulnerable Software and Affected Versions: Download Monitor versions through 4.9.4 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation by injecting malicio...
UBUNTU-CVE-2020-5504
In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A malicious user could inject custom SQL in place of their own username when creating queries to this page. An attacker must have a valid MySQL account to access the server...