195539 matches found
WordPress plugin Media Library Assistant plugin Cross-site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
Qualcomm Chipsets Security Vulnerability
Qualcomm Chipsets are a series of chipsets from Qualcomm, an American company. A security vulnerability exists in Qualcomm Chipsets. Attackers have exploited the vulnerability to cause a denial-of-service attack on the system...
Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet SQL注入漏洞
Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software is a Schweitzer Engineering Laboratories, Inc. tool for configuring, commissioning and managing power system protection, control, metering and monitoring equipment. monitoring equipment of the power system. A security...
MongoDB 日志信息泄露漏洞
MongoDB is a document-oriented database management system of the U.S. MongoDB company. An information disclosure vulnerability exists in MongoDB that stems from the possibility of incorrectly posting events containing authentication-related data to an application-configured command listener, whic...
GNU Binutils 安全漏洞
GNU Binutils is a set of open source tools for working with binaries such as target files, executables, libraries, etc., mainly used in the areas of compilation, debugging, reverse engineering and so on. A denial of service vulnerability exists in GNU Binutils. An attacker can exploit this...
Microsoft .NET Framework Security Vulnerabilities
Microsoft .NET Framework is a comprehensive and consistent programming model from Microsoft Corporation USA and a development platform. The platform includes the C and Visual Basic programming languages, a public language runtime library, and an extensive class library. A security vulnerability...
WordPress plugin WPCode cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress Plugin Life Album Gallery 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
WordPress Plugin wordpress-mobile-pack 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...
SQLFluff 注入漏洞
SQLFluff is a dialect-flexible and configurable SQL linter. An injection vulnerability exists in SQLFluff versions prior to 2.1.2 that stems from allowing an attacker to call arbitrary python code via libarypath...
Shopware 代码问题漏洞
Shopware is a suite of open source e-commerce software from the German company Shopware. A code issue vulnerability exists in Shopware versions prior to 5.7.18 that stems from some flaws in the email validation during the registration process, so that different email addresses may be constructed,...
nuxt 代码注入漏洞
Nuxt.js is an open source web application framework based on Vue.js, Node.js, Webpack and Babel.js. A code injection vulnerability exists in versions prior to nuxt 3.5.3. An attacker exploits this vulnerability to perform a code injection attack...
WordPress Plugin Weaver Show Posts 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
WordPress Plugin WooSidebars Sidebar Manager Converter 输入验证错误漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An input validation error...
MP4v2 安全漏洞
MP4v2 is a library for creating, modifying, and reading MP4 files by enzo1982 individual developers. A security vulnerability exists in MP4v2 version 2.1.3, which stems from a memory leak in mp4fileio...
WordPress plugin Newsletter Popup 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...
Sitecore Experience Platform 路径遍历漏洞
Sitecore Experience Platform XP is a suite of customer digital experience platforms from Sitecore, Denmark. A security vulnerability exists in Sitecore Experience Platform 10.2 and prior versions, which stems from a directory traversal vulnerability that could allow an authenticated, remote...
Intel Processors 安全漏洞
Intel Processors are American Intel Corporation's offerings to interpret computer instructions and process data in computer software. A security vulnerability exists in Intel Processors. Attackers have exploited the vulnerability to cause information leakage...
Wordpress plugin Wholesale Suite 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. Wordpress plugin Wholesale Suite...
WordPress plugin NEX-Forms SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exist...
TOTOLINK X5000R 操作系统命令注入漏洞
TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK X5000R V9.1.0u.6118B20201102 and V9.1.0u.6369B20230113 versions, which stems from the presence of a command injection in the setting/setTracerouteCfg, which can be exploited by an...
PortlandLabs Concrete CMS 授权问题漏洞
PortlandLabs Concrete CMS is a team-oriented open source content management system from PortlandLabs, Inc. in the United States. An authorization issue vulnerability exists in PortlandLabs Concrete CMS versions prior to 9.2, which stems from vulnerability to possible Auth bypass attacks...
phpMyFAQ 跨站脚本漏洞
phpMyFAQ is a multilingual, fully database-driven FAQ system by the individual developer Thorsten Rinne. A cross-site scripting vulnerability exists in phpMyFAQ Cross-Site Scripting Vulnerability. No information about this vulnerability is available at this time, so stay tuned to CNNVD or vendor...
WordPress Plugin Google Maps v3 Shortcode 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
Electra Central AC unit 安全漏洞
The Electra Central AC unit is an Electra Central AC unit from Electra. A security vulnerability exists in the Electra Central AC unit. An attacker could exploit the vulnerability to cause the unit to connect to an unauthorized update server...
SourceCodester Employee and Visitor Gate Pass Logging System SQL注入漏洞
Employee and Visitor Gate Pass Logging System is an employee and visitor pass logging system by Carlo Montero, an individual developer. SourceCodester Employee and Visitor Gate Pass Logging System version 1.0 suffers from a SQL injection vulnerability that stems from a problem in the file...
QNAP Systems部分产品 安全漏洞
QNAP Systems QTS and QNAP Systems QuTS hero are both products of China Weilian Technology QNAP Systems.QNAP Systems QTS is an operating system used by entry to mid-level QNAP NAS.QNAP Systems QuTS hero is an operating system. A security vulnerability exists in QNAP Systems QTS, QuTS hero,...
Delta Electronics InfraSuite Device Master 安全漏洞
Delta Electronics InfraSuite Device Master is Delta Electronics' device for simplifying and automating critical equipment monitoring. An authentication error vulnerability exists in Delta Electronics InfraSuite Device Master versions prior to 1.0.5, which can be exploited by an attacker to genera...
WordPress plugin HT Portfolio 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
CKEditor 跨站脚本漏洞
CKEditor is an open source, web-based text editor. A cross-site scripting vulnerability exists in CKEditor4 versions prior to 4.21.0, which stems from packages on web pages that lack proper content security policy configuration...
Moodle 跨站脚本漏洞
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment. A security vulnerability exists in Moodle. An attacker exploited the vulnerability to perform a cross-site scripting attack...
Dell BIOS 输入验证错误漏洞
Dell BIOS is embedded software on a small memory chip on a computer motherboard from Dell, Inc. A security vulnerability exists in Dell BIOS, which arises from an incorrect input validation vulnerability that can be exploited by a locally authenticated attacker with administrator privileges to...
WordPress Plugin Cristian Client Portal – Private user pages and login 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Cristian Client Portal -...
Froxlor 安全漏洞
Froxlor is a lightweight server management software from the Froxlor team. A security vulnerability exists in Froxlor versions prior to 2.0.13, which stems from the ability to log in with a password that is stored in the database as an MD5 hash, leading to type obfuscation in PHP, which can be...
libheif 安全漏洞
libheif is an ISO/IEC 23008-12:2017 HEIF file format decoder and encoder. A security vulnerability exists in libheif. An attacker exploited the vulnerability to cause a buffer overflow during a memcpy call via a specially crafted image file...
WordPress Plugin Hueman Addons 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
Octobox 安全漏洞
Octobox is a tool for managing GitHub notifications. A security vulnerability exists in Octobox PR versions prior to 2807, which originates from a ReDoS vulnerability that can be triggered by a system user providing a specially crafted search query string...
Apollo 访问控制错误漏洞
Apollo is a set of PHP scripts by Alex Breen, an individual developer. It is intended to provide a web-based interface for students to upload coursework. A security vulnerability exists in Apollo versions prior to 2.1.0 that stems from not enabling authentication for the built-in eureka service,...
Moodle 跨站脚本漏洞
Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle, which stems from insufficient cleansing of user-supplied data in blog searches, and which ca...
Intel Processors 安全漏洞
Intel Processors are U.S.-based companies of Intel Corporation that provide for the interpretation of computer instructions and the processing of data in computer software. A security vulnerability exists in Intel Processors that originates from an incorrect initialization in the IntelR TXT SINIT...
Intel Integrated Baseboard Management Controller 安全漏洞
Intel Integrated Baseboard Management Controller is an integrated baseboard management controller from Intel Corporation USA. A security vulnerability exists in Intel Integrated Baseboard Management Controller BMC. An attacker could exploit this vulnerability to cause a denial of service on the...
NETGEAR Nighthawk 缓冲区错误漏洞
NETGEAR Nighthawk is a series of wireless routers from NETGEAR. A security vulnerability exists in NETGEAR Nighthawk Mesh WiFi Systems, which stems from the presence of a stack-based buffer overflow vulnerability...
WordPress plugin Metform Elementor Contact Form Builder 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
Django 安全漏洞
Django is the Django Foundation's set of open source Web application framework based on the Python language . The framework includes an object-oriented mapper, view system, template system and so on. A security vulnerability exists in Django version 3.2 up to and including version 3.2.17, version...
Jenkins Plugin GitHub Pull Request Builder 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application . An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
WordPress plugin The User Verification 授权问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
SAP NetWeaver和SAP NetWeaver ABAP Server 安全漏洞
SAP NetWeaver and SAP NetWeaver ABAP Server are products of SAP, Germany.SAP NetWeaver is an integrated, service-oriented application platform that provides a development environment for SAP applications. SAP NetWeaver is an integrated, service-oriented application platform that provides a...
bzip2 输入验证错误漏洞
bzip2 is an open source compression/decompression application. A security vulnerability exists in bzip2-rs, which stems from allowing an attacker to cause a denial of service via a large file, which triggers an integer overflow in mem.rs...
Discourse 安全漏洞
Discourse is an open source community discussion platform. The platform includes community, email, and chat room features. A security vulnerability exists in Discourse versions prior to 2.8.14 stable, 2.9.0.beta16 beta and tests-passed. An attacker can exploit this vulnerability to create posts...
WordPress plugin Broken Link Checker 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...