Hemi VDP: WordPress Version Exposure via ███████ on hemi.xyz
The WordPress CMS version was exposed in the XML file at https://hemi.xyz███. This disclosure allowed attackers to fingerprint the CMS...Read More ...
Continue Reading
July 07, 2025
Automattic: Woocommerce SQL Injection in WC_Report_Coupon_Usage
A SQL injection vulnerability was found in the WooCommerce plugin version 9.9.3. The vulnerable parameter was 'coupon_codes' in the '/wp-admin/admin.php?page=wc-reports&tab=orde ...
Continue Reading
July 07, 2025
curl: Sensitive information disclosure with malicious netrc file
Vulnerability description not...Read More ...
Continue Reading
July 07, 2025
curl: Credential leak on redirect due to improper state clearing when parsing macdef in netrc.c
Vulnerability description not...Read More ...
Continue Reading
July 07, 2025
curl: OS Command Injection in scripts/firefox-db2pem.sh via untrusted certificate nicknames
Vulnerability description not...Read More ...
Continue Reading
July 07, 2025
curl: arbitrary file read via `file://` path traversal with `–path-as-is`
Vulnerability description not...Read More ...
Continue Reading
July 07, 2025
curl: HTTP Proxy Bypass via `CURLOPT_CUSTOMREQUEST` Verb Tunneling
Vulnerability description not...Read More ...
Continue Reading
July 07, 2025
curl: CRLF injection in libcurl’s SMTP client via –mail-from and –mail-rcpt allows SMTP command smuggling
Vulnerability description not...Read More ...
Continue Reading
July 07, 2025
Back to Main
