Automattic: Woocommerce SQL Injection in WC_Report_Coupon_Usage
A SQL injection vulnerability was found in the WooCommerce plugin version 9.9.3. The vulnerable parameter was 'coupon_codes' in the '/wp-admin/admin.php?page=wc-reports&tab=orde ...
Continue Reading
August 12, 2025
Lichess: CSRF at Network feature
A CSRF vulnerability was found in the network feature, where an attacker could change the Network Routing settings by sending a CSRF script to the...Read More ...
Continue Reading
August 12, 2025
curl: Arbitrary File Read via Unsanitized curl Usage Results in Sensitive File Exposure
Vulnerability description not...Read More ...
Continue Reading
August 12, 2025
curl: Credential leak on redirect due to improper state clearing when parsing macdef in netrc.c
Vulnerability description not...Read More ...
Continue Reading
August 12, 2025
WakaTime: Not a Vuln: Race Condition Allows Creation of Multiple Organizations with the Same Name
Vulnerability description not...Read More ...
Continue Reading
August 12, 2025
curl: Unsafe Global IFS Modification in OS400 Shell Script Enables Command Injection and Parsing Flaws (CWE-78/CWE-20)
Vulnerability description not...Read More ...
Continue Reading
August 12, 2025
curl: Failure to strip Proxy-Authorization header on change in origin
Vulnerability description not...Read More ...
Continue Reading
August 12, 2025
curl: Exposure of Private RSA Private Key in curl GitHub Repository
Vulnerability description not...Read More ...
Continue Reading
August 12, 2025
Back to Main
