195539 matches found
Joomla! extension EkRishta SQL注入漏洞
The Joomla! extension EkRishta is an open-source community extension designed to provide Joomla websites with functions for matchmaking and marriage-related services. Version 2.10 of the Joomla! extension EkRishta contains a SQL injection vulnerability. This vulnerability stems from persistent...
ProcessMaker 安全漏洞
ProcessMaker is a web-based system developed by ProcessMaker Inc. in the PHP language, used for business process management BPM and workflow management. Version 3.5.4 of ProcessMaker contains a security vulnerability. This vulnerability stems from a local file inclusion flaw, which allows...
Home Assistant 路径遍历漏洞
Home Assistant is an open-source family automation management system developed by Home Assistant. This system is primarily used to control household automation devices. Version 1.10.0 of Home Assistant contains a path traversal vulnerability. This vulnerability stems from path traversal issues,...
OpenSolution Quick.CMS 跨站脚本漏洞
OpenSolution Quick.CMS is a lightweight website content management system developed by the Polish company OpenSolution. Version 6.7 of OpenSolution Quick.CMS contains a cross-site scripting vulnerability. This vulnerability stems from a cross-site scripting flaw in the sliders form, allowing...
WordPress plugin Backup and Restore 路径遍历漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
Social & Mobile Color Notes 安全漏洞
Social & Mobile Color Notes is a note application developed by Social & Mobile that supports text recording, task management, and color categorization. Version 1.4 of Social & Mobile Color Notes contains a security vulnerability. This vulnerability stems from a denial-of-service issue, which coul...
WordPress plugin Supsystic Membership SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
OKI sPSV Port Manager 代码问题漏洞
OKI sPSV Port Manager is a network printing management tool developed by OKI Corporation in Japan. It supports the configuration of printing ports, device connections, and the management of printing services. Version 1.0.41 of OKI sPSV Port Manager contains a code vulnerability. This vulnerabilit...
bloofoxCMS 跨站请求伪造漏洞
BloofoxCMS is a PHP-based content management system developed by the BloofoxCMS team. Version 0.5.2.1 of BloofoxCMS has a cross-site request forgeing vulnerability. This vulnerability allows attackers to trick users into accessing malicious pages and performing administrative operations. Attacker...
Yerootech iDS6 DSSPro Digital Signage System 安全漏洞
The Yerootech iDS6 DSSPro Digital Signage System is a digital signage management system developed by Yerootech that supports the distribution of multimedia content and centralized control. Version 6.2 of the Yerootech iDS6 DSSPro Digital Signage System contains a security vulnerability. This...
LayerBB SQL注入漏洞
LayerBB is a set of small-scale forum software. Version 1.1.4 of LayerBB contains an SQL injection vulnerability. This vulnerability stems from SQL injection issues, which may allow unauthenticated attackers to inject SQL code through the searchquery parameter, thereby manipulating database queri...
Tonec Fze Internet Download Manager 安全漏洞
Tonec Fze Internet Download Manager Idm is a tool developed by the American company Tonec Fze that can increase download speed by up to 5 times and helps to resume and schedule downloads. Version 6.38.12 of Tonec Fze Internet Download Manager contains a security vulnerability. This vulnerability...
Flexense VX Search 代码问题漏洞
Flexense VX Search is a rule-based automatic file search solution provided by Flexense Corporation. It allows users to search for files based on file type, category, file name, size, location, extension, regular expressions, text and binary patterns, creation, modification, and last access dates,...
Net::Statsd::Lite 注入漏洞
Net::Statsd::Lite is a lightweight StatsD client developed by Robert Rothenberg, which supports multiple metric data packets. Versions of Net::Statsd::Lite prior to 0.9.0 have a injection vulnerability. This vulnerability arises from the lack of checks for line breaks, colons, or vertical bars in...
DENX Software Engineering Das U-Boot 访问控制错误漏洞
DENX Software Engineering's Das U-Boot is a general-purpose bootloader developed by the German company DENX Software Engineering. Versions of DENX Software Engineering's Das U-Boot prior to version 2026.04 contained an access control vulnerability. This vulnerability stemmed from the omission of...
jsondiffpatch 安全漏洞
jsondiffpatch is a software developed by Benjamín Eidelman, designed for differentiating and patching JavaScript object functions. Versions of jsondiffpatch prior to 0.7.6 contained security vulnerabilities. These vulnerabilities stemmed from the lack of restrictions on access to special properti...
jsondiffpatch 跨站脚本漏洞
jsondiffpatch is a software developed by Benjamín Eidelman, designed for differentiating and patching JavaScript object functions. Versions of jsondiffpatch prior to 0.7.6 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper cleaning of JSON values and property...
Ocproducts Composr CMS 跨站脚本漏洞
Ocproducts Composr CMS is an open-source content management system CMS developed by the British company Ocproducts, written in PHP language. Version Ocproducts Composr CMS 10.0.34 has a cross-site scripting vulnerability. This vulnerability stems from a persistent cross-site script in the banner...
Jsonpickle 代码注入漏洞
Jsonpickle is a software developed by the individual who created Jsonpickle, designed for Python to serialize Python objects into JSON format. Version 2.0.0 of jsonpickle contains a code injection vulnerability. This vulnerability stems from deserialization issues, allowing attackers to execute...
EgavilanMedia PHPCRUD SQL注入漏洞
EgavilanMedia PHPCRUD is a PHP development framework provided by EgavilanMedia that supports database operations such as creation, deletion, modification, and viewing, along with rapid generation of backend management pages. Version 1.0 of EgavilanMedia PHPCRUD contains a SQL injection...
Syncplify Server 代码问题漏洞
Syncplify Server is an FTP server provided by the Syncplify company. Version 5.0.37 of Syncplify Server has a code vulnerability. This vulnerability stems from an unreferenced service path within the SMWebRestServicev5 service. This could allow local attackers to exploit the unreferenced binary...
WordPress plugin Sticky Notes Color Widgets 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress plugin HS Brand Logo Slider 代码问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
Textpattern CMS 跨站请求伪造漏洞
TextPattern CMS is a content management system based on PHP developed by the TextPattern team. Version 4.9.0-dev of TextPattern CMS has a cross-site request forgeing vulnerability. This vulnerability stems from a remote code execution flaw, allowing authenticated attackers to use the plugin uploa...
WordPress plugin Anti-Malware Security and Bruteforce Firewall 路径遍历漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress plugin Multicollab: Content Team Collaboration and Editorial Workflow 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
IObit Advanced SystemCare Service 代码问题漏洞
IObit Advanced SystemCare Service is a Windows background service component developed by IObit that supports system optimization, performance cleanup, and security maintenance. Version 13.0.0.157 of IObit Advanced SystemCare Service contains a code vulnerability. This vulnerability stems from an...
wordpress plugin Supsystic Backup 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress plugin Buddypress 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
FUEL CMS SQL注入漏洞
Fuel CMS is a content management system CMS developed by David McReynolds using the Codelgniter framework. Version 1.4.13 of Fuel CMS has a SQL injection vulnerability. This vulnerability stems from a blind SQL injection flaw, allowing authenticated attackers to manipulate database queries throug...
WordPress plugin Cookie Law Bar 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress plugin Sticky Notes Widget 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress plugin Supsystic Pricing Table SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress plugin theme Wibar 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
CouchCMS 跨站脚本漏洞
CouchCMS is an open-source content management system designed for designers. Version 2.2.1 of CouchCMS has a cross-site scripting vulnerability. This vulnerability stems from cross-site scripting issues, allowing authenticated attackers to upload malicious SVG files through the file upload featur...
Cybertron Privacy Drive 代码问题漏洞
Cybertron Privacy Drive is a security software from Cybertron Corporation that supports disk encryption, creation of virtual encrypted volumes, and protection of privacy data. Version 3.17.0 of Cybertron Privacy Drive has a code vulnerability. This vulnerability stems from an unreferenced service...
WordPress plugin WP Learn Manager 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
MyBB Timeline Plugin 跨站脚本漏洞
The MyBB Timeline Plugin is a plugin provided by MyBB Corporation that offers dynamic timeline displays and social activity stream functions for MyBB forums. Version 1.0 of the MyBB Timeline Plugin contained a cross-site scripting vulnerability. This vulnerability stemmed from cross-site scriptin...
Kite 代码问题漏洞
Kite is an AI code development tool developed by the Kite company in the United States. Version Kite 4.2.0.1 U1 contains a code vulnerability. This vulnerability stems from an unresolved service path in the KiteService Windows service, which may allow local attackers to gain elevated privileges b...
Macaron Notes 安全漏洞
Macaron Notes is a note-taking application developed by Macaron Corporation that supports sticky note recording, schedule organization, and personalized theme management. Version 5.5 of Macaron Notes contains a security vulnerability. This vulnerability stems from allowing attackers to cause...
NetArt Media News Lister 跨站脚本漏洞
NetArt Media News Lister is a website news management system developed by NetArt Media in Bulgaria. It supports news publishing, article management, and content display. NetArt Media News Lister has a cross-site scripting vulnerability. This vulnerability stems from the title parameter in the new...
CodeKernel Token - Queue Management System 跨站脚本漏洞
CodeKernel Token - Queue Management System is a Laravel-based queueing and customer waiting list management system developed by CodeKernel. Version 4.0.0 of CodeKernel Token - Queue Management System contains a cross-site scripting vulnerability. This vulnerability stems from storage-type...
babl 资源管理错误漏洞
Babl is a GEGL open-source image processing library that supports high-performance pixel format conversion and image data processing. Version 0.1.62 of Babl contains a resource management vulnerability. This vulnerability stems from a failure in the double release detection mechanism. It could...
WordPress plugin Essential Chat Support 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress plugin Supsystic Digital Publications 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
My Notes Safe 安全漏洞
My Notes Safe is a security note-taking app developed by GuiWei, which supports encrypted note storage and privacy protection. Version 5.3 of My Notes Safe has a security vulnerability. This vulnerability stems from allowing attackers to inject excessively long strings into note fields, leading t...
WordPress plugin Supsystic Ultimate Maps SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
CMS Made Simple 跨站脚本漏洞
CMS Made Simple CMSMS is an open-source content management system developed by the Cmsms team. This system supports role-based permission management systems, wizard-based installation and update mechanisms, and intelligent caching features. Version 2.2.15 of CMS Made Simple contains a cross-site...
CouchCMS 代码问题漏洞
CouchCMS is an open-source content management system CMS designed for designers. Version 2.2.1 of CouchCMS has a code vulnerability caused by server-side request forgeing issues. This vulnerability could allow authenticated attackers to initiate arbitrary HTTP requests by uploading malicious SVG...
Huawei HarmonyOS 权限许可和访问控制问题漏洞
Huawei HarmonyOS is an operating system developed by Chinese company Huawei. It is a full-scenario distributed operating system based on a microkernel architecture. Huawei HarmonyOS has vulnerabilities related to permission management and access control. These vulnerabilities stem from issues wit...