| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The Order Listener for WooCommerce WordPress plugin before 3.2.2 does not sanitise and escape the id parameter before using it in a SQL statement via a REST route available to unauthenticated users, leading to an SQL injection |
| A vulnerability in ABB ARG600 Wireless Gateway series that could allow an attacker to exploit the vulnerability by remotely connecting to the serial port gateway, and/or protocol converter, depending on the configuration. |
| Stored XSS viva cshtm file upload in GitHub repository star7th/showdoc prior to v2.10.4. |
| Stored XSS viva axd and cshtml file upload in star7th/showdoc in GitHub repository star7th/showdoc prior to v2.10.4. |
| Template injection in connection test endpoint leads to RCE in GitHub repository sqlpad/sqlpad prior to 6.10.1. |
| Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. |
| Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to 2.10.4. |
| Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to v2.10.4. |
| Stored XSS due to Unrestricted File Upload in GitHub repository star7th/showdoc prior to v2.10.4. |
| Server-Side Request Forgery (SSRF) in GitHub repository janeczku/calibre-web prior to 0.6.18. |
| Stored XSS via file upload in GitHub repository star7th/showdoc prior to v2.10.4. |
| Stored xss in showdoc through file upload in GitHub repository star7th/showdoc prior to 2.10.4. |
| Cross-site Scripting (XSS) - Stored in GitHub repository autolab/autolab prior to 2.8.0. |
| Host Header injection in password Reset in GitHub repository livehelperchat/livehelperchat prior to 3.97. |
| Missing Authorization in GitHub repository saleor/saleor prior to 3.1.2. |
| File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12. |
| XSS on dynamic_text module in GitHub repository microweber/microweber prior to 1.2.11. |
| Cross-site Scripting (XSS) - Stored in GitHub repository microweber/microweber prior to 1.2.12. |
| File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12. |
| Out-of-bounds Read error in tiffcp in libtiff 4.3.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 408976c4. |