NanaZip versions 5.0.1252.0 through 6.0.1629.0 contain an out-of-bounds heap read in the .NET Single File bundle parser that can crash the application or expose sensitive heap memory when processing malicious archive files. A local attacker with user privileges can exploit this vulnerability by crafting a specially formatted file, and public exploit code is currently available. No patch is yet available for affected users.
Denial-of-service in Stalwart Mail Server versions 0.13.0 through 0.15.4 allows authenticated users to crash the server by sending a specially crafted email with malformed nested MIME parts through IMAP or JMAP, triggering infinite loops and resource exhaustion. The vulnerability requires valid credentials to exploit and public exploit code exists, but no patch is currently available for affected versions.
Gogs versions 0.13.4 and earlier contain an access control bypass in the label management function that allows authenticated users to modify labels across repositories they don't own. The vulnerability stems from insufficient validation in the label update endpoint, enabling cross-repository label tampering attacks. Public exploit code exists for this issue, though a patch is available in version 0.14.1.
Web Site Management Server versions up to 16.7.0 is affected by cross-site request forgery (csrf) (CVSS 6.5).
Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input through admin management parameters. [CVSS 6.4 MEDIUM]
Comodo Dome Firewall 2.7.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by submitting crafted input to the comment parameter. [CVSS 6.4 MEDIUM]
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the username parameter. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the ID parameter. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating the ID parameter. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the username parameter. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the openvpn_advanced endpoint. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the antispyware endpoint. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains multiple reflected cross-site scripting vulnerabilities in the /korugan/proxyconfig endpoint that allow attackers to inject malicious scripts through POST parameters. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains multiple cross-site scripting vulnerabilities that allow attackers to inject malicious scripts through the policyfw endpoint. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the snat endpoint. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the protocol parameter. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input to the hotspot_permanent_users endpoint. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains multiple reflected cross-site scripting vulnerabilities in the openvpn_users endpoint that allow attackers to inject malicious scripts through POST parameters. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the dnsmasq endpoint. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the VIRUS_ADMIN parameter. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input to the EXCEPTIONSITELIST parameter. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the FWADDRESSES parameter. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input through the device parameter. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input through the NTP_SERVER_LIST parameter. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the GATEWAY_GREEN parameter. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the backup schedule interface. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts through the source and destination parameters. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the destination parameter. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting crafted input to the netmask_addr parameter. [CVSS 6.1 MEDIUM]
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by manipulating the organization parameter. [CVSS 6.1 MEDIUM]
Electronic Archives System versions up to 3.2.210802 is affected by improper access control (CVSS 7.3).
SQL injection in itsourcecode Event Management System 1.0 allows unauthenticated remote attackers to manipulate the ID parameter in /admin/manage_register.php, potentially leading to unauthorized data access, modification, or deletion. Public exploit code exists for this vulnerability, and no patch is currently available, creating significant risk for unpatched deployments.
SQL injection in itsourcecode Event Management System 1.0's admin login endpoint allows unauthenticated remote attackers to manipulate the Username parameter and execute arbitrary database queries. Public exploit code exists for this vulnerability, enabling attackers to potentially extract sensitive data or compromise system integrity. No patch is currently available for affected PHP installations.
SQL injection in itsourcecode Event Management System 1.0's booking management interface allows unauthenticated remote attackers to manipulate database queries via the ID parameter in /admin/manage_booking.php. Public exploit code exists for this vulnerability, enabling potential unauthorized data access and modification. No patch is currently available to address this high-severity flaw affecting PHP-based deployments.
NanaZip versions 5.0.1252.0 through 6.0.1629.0 are vulnerable to denial of service through malformed ROMFS archives that trigger infinite loops via circular offset chains or stack overflow via deeply nested directory structures. Public exploit code exists for this vulnerability, allowing local attackers to crash the application and cause a denial of service. No patch is currently available.
Stored HTML injection in Pi-hole Admin Interface versions 6.0+ allows authenticated attackers to inject arbitrary HTML into the active sessions table via the X-Forwarded-For header, which is unsafely rendered when administrators view the API settings page. Public exploit code exists for this vulnerability, affecting administrators who manage Pi-hole instances. An attacker with valid credentials can exploit this to perform client-side attacks against other administrators viewing the compromised session data.
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OpenText™ Web Site Management Server allows Stored XSS. [CVSS 5.4 MEDIUM]
Web Site Management Server versions up to 16.7.0 is affected by cross-site scripting (xss) (CVSS 5.4).
Stored cross-site scripting in ChurchCRM versions before 6.8.2 allows authenticated users with group editing permissions to inject malicious JavaScript that executes when other users view affected groups. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires user interaction and can result in session hijacking or unauthorized actions performed on behalf of affected users.
Changedetection.io versions before 0.53.2 allow unauthenticated attackers to read arbitrary files from the application directory through directory traversal in the static file serving endpoint. An attacker can exploit this by manipulating the group parameter to escape the intended static directory and access sensitive application files like source code. Public exploit code exists for this vulnerability, which has been patched in version 0.53.2.
Unauthenticated remote file read in Echo web framework versions 5.0.0-5.0.2 on Windows allows attackers to traverse outside the static root directory and access arbitrary files via backslash path sequences in requests. The vulnerability stems from improper path normalization where path.Clean() does not treat backslashes as separators, but the underlying os.Open() call on Windows does, enabling directory traversal. Public exploit code exists for this medium-severity vulnerability, though a patch is available in version 5.0.3.
SSRF in Hyland Alfresco Transformation Service via document processing.
Weblate versions up to 5.16.0 contains a vulnerability that allows attackers to an argument injection to `ssh-add` (CVSS 6.6).
The Two Factor (2FA) Authentication via Email plugin for WordPress is vulnerable to Two-Factor Authentication Bypass in versions up to, and including, 1.9.8. [CVSS 6.5 MEDIUM]
The Shield Security plugin for WordPress versions up to 21.0.8 contains a CSRF vulnerability that allows attackers to bypass nonce verification through a manipulated parameter, enabling SQL injection attacks to extract database contents. An unauthenticated attacker can exploit this by tricking a site administrator into clicking a malicious link, potentially compromising sensitive information stored in the WordPress database. No patch is currently available for affected installations.
Skill Scanner versions 1.0.1 and earlier expose an unauthenticated API endpoint due to improper interface binding, allowing remote attackers to trigger memory exhaustion or upload arbitrary files to the affected system. An attacker can exploit this without authentication by sending crafted API requests to the exposed server. A patch is available to address this network-accessible vulnerability.
Simple Membership (WordPress plugin) versions up to 4.7.0 contains a security vulnerability (CVSS 6.5).
Aruba HiSpeed Cache (WordPress plugin) versions up to 3.0.2. is affected by missing authorization (CVSS 6.5).
Dell Unisphere for PowerMax 10.2 contains a file path control vulnerability that allows authenticated remote attackers to disclose sensitive information. The vulnerability requires low-privileged credentials and network access but no user interaction, making it accessible to internal threats or compromised accounts. Currently no patch is available to remediate this issue.
Aruba.it Dev Aruba HiSpeed Cache aruba-hispeed-cache is affected by missing authorization (CVSS 6.5).