5 matches found
PT-2025-51174
Name of the Vulnerable Software and Affected Versions aizuda snail-job versions up to 1.6.0 Description A flaw exists in the QLExpressEngine.doEval function within the snail-job-common/snail-job-common-core/src/main/java/com/aizuda/snailjob/common/core/expression/strategy/QLExpressEngine.java fil...
WordPress Narnoo Commerce Manager Plugin <= 1.6.0 is vulnerable to Cross Site Scripting (XSS)
Software Narnoo Commerce Manager Type Plugin Vulnerable versions = 1.6.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51708 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1daa09058da0 Credits João Pedro S Alcântara...
WordPress Annual Archive Plugin < 1.6.0 is vulnerable to Cross Site Scripting (XSS)
Software Annual Archive Type Plugin Vulnerable versions 1.6.0 Fixed in 1.6.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0178 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID e447b05c3b01 Credits Lana Codes Required...
@alxandr/gatsby-transformer-blog-post (>=0.1.2 <=0.1.18), @lazurski/gulp (=4.0.0-alpha.2-1) +73 more potentially affected by CVE-2020-28503 via copy-props (=1.6.0)
copy-props NPM version =1.6.0 is affected by a known vulnerability. The following packages have a transitive dependency on copy-props and may be impacted: - @alxandr/gatsby-transformer-blog-post =0.1.2, =0.0.18, =0.3.1-vnext, =0.3.1-vnext, =0.4.116-vnext, =0.3.1-vnext, =0.3.1-vnext, =0.3.1-vnext,...
PT-2018-4720 · Npm · Shell-Quote
Name of the Vulnerable Software and Affected Versions: shell-quote versions 1.6.0 and earlier Description: The issue affects the npm module "shell-quote" and allows for code injection due to incorrect escaping of certain characters, including , , ;, , and . This can lead to command injection if t...