NagiosXI 2026R1.0.1 build 1762361101 is vulnerable to Directory Traversal in /admin/coreconfigsnapshots.php. More information : https://github.com/YongYe-Security/NagiosXI/tree/main

A flaw has been found in SohuTV CacheCloud up to 3.2.0. The impacted element is the function redirectNoPower of the file src/main/java/com/sohu/cache/web/controller/WebResourceController.java. This manipulation causes cross site scripting. The attack is possible to be...

A vulnerability was detected in SohuTV CacheCloud up to 3.2.0. The affected element is the function getExceptionStatisticsByClient/getCommandStatisticsByClient/doIndex of the file src/main/java/com/sohu/cache/web/controller/AppClientDataShowController.java. The manipulation results in cross site scripting. The attack can be executed remotely....

A security vulnerability has been detected in code-projects College Notes Uploading System 1.0. Impacted is an unknown function of the file /dashboard/userprofile.php. The manipulation of the argument image leads to unrestricted upload. Remote exploitation...

Rapid7 Velociraptor versions before 0.75.6 contain a directory traversal issue on Linux servers that allows a rogue client to upload a file which is written outside the datastore directory. Velociraptor is normally only allowed...

The PixelYourSite plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 11.1.5 through publicly exposed log files. This makes it possible for unauthenticated attackers to view potentially...

The Advanced Ads plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.0.14 via the ‘change-ad__content’ shortcode parameter. This allows authenticated attackers with editor-level permissions or above, to...

Missing Authorization vulnerability in Plugin Optimizer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Plugin Optimizer: from n/a through 1.3.7. More information : https://vdp.patchstack.com/database/wordpress/plugin/plugin-optimizer/vulnerability/wordpress-plugin-optimizer-plugin-1-3-7-broken-access-control-vulnerability?_s_id=cve

Buffer overflow vulnerability in function dcputchar in decompile.c in libming 0.4.8. More information : https://github.com/libming/libming/issues/367

CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) More information : https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0

CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) More information : https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0

CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or ‘Cross-site Scripting’) More information : https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0

CWE-434 Unrestricted Upload of File with Dangerous Type More information : https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0

CWE-601 URL Redirection to Untrusted Site (‘Open Redirect’) More information : https://www.gov.il/en/departments/dynamiccollectors/cve_advisories_listing?skip=0