Automattic: Woocommerce SQL Injection in WC_Report_Coupon_Usage
A SQL injection vulnerability was found in the WooCommerce plugin version 9.9.3. The vulnerable parameter was 'coupon_codes' in the '/wp-admin/admin.php?page=wc-reports&tab=orde ...
Continue Reading
July 12, 2025
curl: Sensitive information disclosure with malicious netrc file
Vulnerability description not...Read More ...
Continue Reading
July 12, 2025
curl: Credential leak on redirect due to improper state clearing when parsing macdef in netrc.c
Vulnerability description not...Read More ...
Continue Reading
July 12, 2025
curl: OS Command Injection in scripts/firefox-db2pem.sh via untrusted certificate nicknames
Vulnerability description not...Read More ...
Continue Reading
July 12, 2025
curl: arbitrary file read via `file://` path traversal with `–path-as-is`
Vulnerability description not...Read More ...
Continue Reading
July 12, 2025
Lichess: CSRF at Network feature
A CSRF vulnerability was found in the network feature, where an attacker could change the Network Routing settings by sending a CSRF script to the...Read More ...
Continue Reading
July 12, 2025
curl: HTTP Proxy Bypass via `CURLOPT_CUSTOMREQUEST` Verb Tunneling
Vulnerability description not...Read More ...
Continue Reading
July 12, 2025
curl: CRLF injection in libcurl’s SMTP client via –mail-from and –mail-rcpt allows SMTP command smuggling
Vulnerability description not...Read More ...
Continue Reading
July 12, 2025
Back to Main
