Alerts

Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a before 1.9.9.5.2.

Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5.2.

Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a before 1.9.9.5.2.

A deserialization of untrusted data vulnerability exists in NI DAQExpress that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially...

OpenCart 4.0.2.3 is vulnerable to Server-Side Template Injection (SSTI) via the Theme Editor Function.

Misskey is an open source, federated social media platform. In affected versions FileServerService (media proxy) in github.com/misskey-dev/misskey 2024.10.1 or earlier did not detect proxy loops,...

IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance 9.3 LTS, 9.3 CD, 9.4 LTS, and IBM MQ for HPE NonStop 8.1.0 through 8.1.0.25 could allow an authenticated user to cause a...

Misskey is an open source, federated social media platform. Some APIs using `HttpRequestService` do not properly check the target host. This vulnerability allows an attacker to send POST or GET...

Misskey is an open source, federated social media platform. In affected versions missing validation in `ApRequestService.signedGet` allows an attacker to create fake user profiles that appear to be...

Misskey is an open source, federated social media platform. In affected versions missing validation in `ApRequestService.signedGet` and `HttpRequestService.getActivityJson` allows an attacker to...