318 matches found
@capriza/far (>=0.1.2 <=2.4.2), @cobalt-engine/cobower (=2.0.0) +388 more potentially affected by CVE-2024-12905 via tar-fs (>=0.1.8 <=1.16.3)
tar-fs NPM version =0.1.8, =0.1.2, =6.0.3, =6.0.3, =6.0.3, =2.1.1, =0.10.2, =0.0.0-beta.1, =0.0.0-beta.1, =0.0.0-beta.1, =0.1.0, =0.1.0, =1.0.5, =1.1.2 - @elm-node/npm-scripts =1.0.0 - @hlsrules-test/fc-libreoffice =1.0.0 and more Source cves: CVE-2024-12905 Source advisory: OSV:GHSA-PQ67-2WWV-3X...
CVE-2025-22267
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpweaver Weaver Themes Shortcode Compatibility weaver-themes-shortcode-compatibility allows Stored XSS.This issue affects Weaver Themes Shortcode Compatibility: from n/a through = 1.0.4...
CVE-2025-22267 WordPress Weaver Themes Shortcode Compatibility Plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bruce Wampler Weaver Themes Shortcode Compatibility allows Stored XSS. This issue affects Weaver Themes Shortcode Compatibility: from n/a through 1.0.4...
CVE-2025-22267 WordPress Weaver Themes Shortcode Compatibility Plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpweaver Weaver Themes Shortcode Compatibility weaver-themes-shortcode-compatibility allows Stored XSS.This issue affects Weaver Themes Shortcode Compatibility: from n/a through = 1.0.4...
WordPress plugin Weaver Themes Shortcode Compatibility 跨站脚本漏洞
WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exist...
WordPress Weaver Themes Shortcode Compatibility Plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by 0xd4rk5id3 Patchstack Alliance in WordPress Plugin Weaver Themes Shortcode Compatibility versions = 1.0.4...
CVE-2024-48070
An issue in Weaver E-cology v. attackers construct special requests to insert remote malicious code and to trigger malicious code execution, and control server privileges...
CVE-2024-48072
Weaver Ecology v9. was discovered to contain a SQL injection vulnerability via the component...
CVE-2024-48072
Weaver Ecology v9. was discovered to contain a SQL injection vulnerability via the component...
CVE-2024-48070
An issue in Weaver E-cology v. attackers construct special requests to insert remote malicious code and to trigger malicious code execution, and control server privileges...
CVE-2024-48069
A vulnerability was found in Weaver E-cology allows attackers use race conditions to bypass security mechanisms to upload malicious files and control server privileges...
CVE-2024-48069
A vulnerability was found in Weaver E-cology allows attackers use race conditions to bypass security mechanisms to upload malicious files and control server privileges...
Weaver e-cology 安全漏洞
Weaver e-cology is a collaborative management application platform from China's Weaver. A security vulnerability exists in Weaver e-cology v9, which is prone to SQL injection attacks...
PT-2024-32980 · Unknown · Weaver E-Cology
Name of the Vulnerable Software and Affected Versions: Weaver E-cology versions 9.x Description: The issue allows attackers to construct special requests to insert remote malicious code and trigger malicious code execution, potentially gaining control of server privileges. It is related to a SQL...
Weaver e-cology 安全漏洞
Weaver e-cology is a collaborative management application platform from China's Weaver. A security vulnerability exists in Weaver e-cology version v9, which stems from vulnerability to remote code execution attacks, where an attacker can execute arbitrary code by injecting a carefully crafted...
CVE-2024-48072
Weaver Ecology v9. was discovered to contain a SQL injection vulnerability via the component...
CVE-2024-48069
A vulnerability was found in Weaver E-cology allows attackers use race conditions to bypass security mechanisms to upload malicious files and control server privileges...
Weaver e-cology 安全漏洞
Weaver e-cology is a collaborative management application platform from China's Weaver. A security vulnerability exists in Weaver e-cology v9, which is prone to SQL injection attacks...
CVE-2024-48072
Weaver Ecology v9. was discovered to contain a SQL injection vulnerability via the component...
CVE-2024-48070
An issue in Weaver E-cology v. attackers construct special requests to insert remote malicious code and to trigger malicious code execution, and control server privileges...