capitalfinance exchange

Exchange Platform Services
 
  • Join Now-Sign Up
  • Log In

 

capital finance exchange

Exchange Platform Services

exchanges | platforms | systems | intelligence | markets

Join Capital Finance Exchange Platform Services

Become a Professional Paid Subscriber

44+68

IS Security Alerts Advisories

  • CVE-2025-14190 | Chanjet TPlus up to 20251121 currentAccId sql injection
    A vulnerability identified as critical has been detected in Chanjet TPlus up to 20251121. Affected by this vulnerability is an unknown functionality of the file /tplus/ajaxpro/Ufida.T.SM.UIP.MultiCompanySettingController,Ufida.T.SM.UIP.ashx?method=Load. This manipulation of the ... read more
  • CVE-2025-14191 | UTT 进取 512W up to 1.7.7-171114 formP2PLimitConfig strcpy except buffer overflow
    A vulnerability labeled as critical has been found in UTT 进取 512W up to 1.7.7-171114. Affected by this issue is the function strcpy of the file /goform/formP2PLimitConfig. Such manipulation of ... read more
  • CVE-2007-4522 | Ripe Website Manager do_new_item.php cross site scripting (EDB-30518 / XFDB-36179)
    A vulnerability described as problematic has been identified in Ripe Website Manager. This vulnerability affects unknown code of the file admin/navigation/do_new_item.php. Executing manipulation can lead to basic cross site scripting. ... read more
  • CVE-2025-21869 | Linux Kernel up to 6.12.16/6.13.4 Kernel Memory copy_to_kernel_nofault stack-based overflow (Nessus ID 236983 / WID-SEC-2025-0649)
    A vulnerability marked as critical has been reported in Linux Kernel up to 6.12.16/6.13.4. The impacted element is the function copy_to_kernel_nofault of the component Kernel Memory Handler. This manipulation causes ... read more
  • CVE-2025-21877 | Linux Kernel up to 6.13.5 gl620a Driver drivers/usb/core/urb.c genelink_bind information disclosure (Nessus ID 234309 / WID-SEC-2025-0649)
    A vulnerability was found in Linux Kernel up to 6.13.5. It has been classified as problematic. The impacted element is the function genelink_bind of the file drivers/usb/core/urb.c of the component ... read more
  • CVE-2025-21871 | Linux Kernel up to 6.13.4 optee denial of service (Nessus ID 234058 / WID-SEC-2025-0649)
    A vulnerability, which was classified as critical, has been found in Linux Kernel up to 6.13.4. Affected by this vulnerability is an unknown functionality of the component optee. The manipulation ... read more
  • CVE-2025-21872 | Linux Kernel up to 5.10.234/6.6.82/6.12.17/6.13.5 mm/early_ioremap.c early_memmap iteration (Nessus ID 236983 / WID-SEC-2025-0649)
    A vulnerability classified as problematic has been found in Linux Kernel up to 5.10.234/6.6.82/6.12.17/6.13.5. Affected by this issue is the function early_memmap of the file mm/early_ioremap.c. The manipulation leads to ... read more
  • CVE-2007-4522 | Ripe Website Manager delete_menu.php ID cross site scripting (EDB-30518 / XFDB-36179)
    A vulnerability labeled as problematic has been found in Ripe Website Manager. Affected by this issue is some unknown functionality of the file navigation/delete_menu.php. Such manipulation of the argument ID ... read more
  • CVE-2007-4522 | Ripe Website Manager do_new_nav.php new_menuname cross site scripting (EDB-30518 / XFDB-36179)
    A vulnerability classified as problematic has been found in Ripe Website Manager. This issue affects some unknown processing of the file admin/navigation/do_new_nav.php. The manipulation of the argument new_menuname leads to ... read more
  • CVE-2007-4522 | Ripe Website Manager delete_item.php ID cross site scripting (EDB-30518 / XFDB-36179)
    A vulnerability marked as problematic has been reported in Ripe Website Manager. This affects an unknown part of the file navigation/delete_item.php. Performing manipulation of the argument ID results in basic ... read more
  • CVE-2007-4522 | Ripe Website Manager up to 0.8.4 new_menuname cross site scripting (EDB-30518 / XFDB-36180)
    A vulnerability categorized as problematic has been discovered in Ripe Website Manager up to 0.8.4. Impacted is an unknown function. Executing manipulation of the argument new_menuname can lead to basic ... read more
  • CVE-2007-2207 | Ripe Website Manager up to 0.8.4 contact/index.php ripeformpost sql injection (EDB-29877 / XFDB-33818)
    A vulnerability categorized as critical has been discovered in Ripe Website Manager up to 0.8.4. Affected by this vulnerability is an unknown functionality of the file contact/index.php. The manipulation of ... read more
  • CVE-2025-11935 | With TLS 5.8.2 psk_dhe_ke inadequate encryption
    A vulnerability labeled as problematic has been found in With TLS 5.8.2. Impacted is the function psk_dhe_ke. The manipulation results in inadequate encryption strength. This vulnerability is cataloged as CVE-2025-11935. ... read more
  • Phake-Phishing: Phundamental oder Pherrückt?
    Auf dem Papier klingt es einfach: Wer für den Ernstfall übt, ist besser gewappnet. Das gilt im Sport, im Militär, in der Krisenvorsorge – und auch in der Cybersicherheit. Simulierte ... read more
  • CVE-2025-12170 | Checkbox Plugin up to 2.8.10 on WordPress AJAX Endpoint wp_ajax_nopriv_checkbox_clean_log authorization
    A vulnerability, which was classified as critical, has been found in Checkbox Plugin up to 2.8.10 on WordPress. Affected is the function wp_ajax_nopriv_checkbox_clean_log of the component AJAX Endpoint. This manipulation ... read more
  • CVE-2025-11801 | AudioTube Plugin up to 0.0.3 on WordPress Shortcode caption cross site scripting
    A vulnerability marked as problematic has been reported in AudioTube Plugin up to 0.0.3 on WordPress. Affected by this issue is the function caption of the component Shortcode Handler. This ... read more
  • CVE-2025-11802 | Bulma Shortcodes Plugin up to 1.0 on WordPress Shortcode type cross site scripting
    A vulnerability classified as problematic has been found in Bulma Shortcodes Plugin up to 1.0 on WordPress. The affected element is the function Type of the component Shortcode Handler. The ... read more
  • CVE-2025-12086 | WPSwings Return Refund and Exchange for WooCommerce Plugin up to 4.5.5 on WordPress AJAX Endpoint wps_rma_cancel_return_request resource injection
    A vulnerability was found in WPSwings Return Refund and Exchange for WooCommerce Plugin up to 4.5.5 on WordPress. It has been declared as problematic. Affected by this issue is the ... read more
  • CVE-2025-11985 | Realty Portal Plugin up to 0.1/0.4.1 on WordPress Setting rp_save_property_settings authorization
    A vulnerability was found in Realty Portal Plugin up to 0.1/0.4.1 on WordPress and classified as problematic. This affects the function rp_save_property_settings of the component Setting Handler. Executing manipulation can ... read more
  • CVE-2025-11815 | UiPress Lite Plugin up to 3.5.08 on WordPress Setting uip_save_site_option authorization
    A vulnerability classified as problematic was found in UiPress Lite Plugin up to 3.5.08 on WordPress. Affected by this issue is the function uip_save_site_option of the component Setting Handler. Such ... read more
  • CVE-2025-11800 | Surbma Plugin up to 2.0 on WordPress Shortcode minicrm ID cross site scripting
    A vulnerability classified as problematic was found in Surbma Plugin up to 2.0 on WordPress. The impacted element is the function minicrm of the component Shortcode Handler. The manipulation of ... read more
  • CVE-2025-12170 | Checkbox Plugin up to 2.8.10 on WordPress AJAX Endpoint wp_ajax_nopriv_checkbox_clean_log authorization
    A vulnerability identified as critical has been detected in Checkbox Plugin up to 2.8.10 on WordPress. The impacted element is the function wp_ajax_nopriv_checkbox_clean_log of the component AJAX Endpoint. Performing manipulation ... read more
  • CVE-2025-12660 | Padlet Shortcode Plugin up to 1.3 on WordPress wallwisher key cross site scripting
    A vulnerability has been found in Padlet Shortcode Plugin up to 1.3 on WordPress and classified as problematic. This issue affects the function wallwisher of the component Shortcode Handler. The ... read more
  • CVE-2025-11799 | Affiliate AI Lite Plugin up to 1.0.1 on WordPress Shortcode asin cross site scripting
    A vulnerability, which was classified as problematic, was found in Affiliate AI Lite Plugin up to 1.0.1 on WordPress. This vulnerability affects the function asin of the component Shortcode Handler. ... read more
  • CVE-2025-12135 | WPBookit Plugin up to 1.0.6 on WordPress save_custome_code css_code cross site scripting
    A vulnerability was found in WPBookit Plugin up to 1.0.6 on WordPress. It has been declared as problematic. The impacted element is the function save_custome_code. Such manipulation of the argument ... read more
  • CVE-2025-12086 | WPSwings Return Refund and Exchange for WooCommerce Plugin up to 4.5.5 on WordPress AJAX Endpoint wps_rma_cancel_return_request resource injection
    A vulnerability labeled as problematic has been found in WPSwings Return Refund and Exchange for WooCommerce Plugin up to 4.5.5 on WordPress. Impacted is the function wps_rma_cancel_return_request of the component ... read more
  • CVE-2025-11885 | EchBay Admin Security Plugin up to 1.3.0 on WordPress _ebnonce cross site scripting
    A vulnerability was found in EchBay Admin Security Plugin up to 1.3.0 on WordPress. It has been classified as problematic. This impacts an unknown function. Performing manipulation of the argument ... read more
  • CVE-2025-11773 | TokenICO Cryptocurrency Token, Launchpad Presale, ICO & IDO, Airdrop Plugin saveDeployedContract authorization
    A vulnerability, which was classified as problematic, was found in TokenICO Cryptocurrency Token, Launchpad Presale, ICO & IDO, Airdrop Plugin up to 2.4.6 on WordPress. This affects the function saveDeployedContract. ... read more
  • CVE-2025-12138 | URL Image Importer Plugin up to 1.0.6 on WordPress PHP File uimptr_import_image_from_url unrestricted upload
    A vulnerability, which was classified as critical, has been found in URL Image Importer Plugin up to 1.0.6 on WordPress. The impacted element is the function uimptr_import_image_from_url of the component ... read more
  • CERT-SE:s veckobrev v.47
    Bland veckans läsning finns nyheten om lanseringen av MISP-SE, en nationell plattform för delning av hotinformation. Det går också att läsa om nyheten gällande det regeringsbeslut som fattades i veckan ... read more
  • CVE-2025-5644 | Radare2 5.9.9 radiff2 /libr/cons/cons.c r_cons_flush -T use after free (Issue 24233 / EUVD-2025-16970)
    A vulnerability identified as problematic has been detected in Radare2 5.9.9. The impacted element is the function r_cons_flush in the library /libr/cons/cons.c of the component radiff2. This manipulation of the ... read more
  • CVE-2025-5645 | Radare2 5.9.9 radiff2 /libr/cons/pal.c r_cons_pal_init -T memory corruption (Issue 24234 / EUVD-2025-16975)
    A vulnerability labeled as problematic has been found in Radare2 5.9.9. This affects the function r_cons_pal_init in the library /libr/cons/pal.c of the component radiff2. Such manipulation of the argument -T ... read more
  • CVE-2025-5643 | Radare2 5.9.9 radiff2 /libr/cons/cons.c cons_stack_load -T memory corruption (Issue 24232 / EUVD-2025-16971)
    A vulnerability categorized as problematic has been discovered in Radare2 5.9.9. The affected element is the function cons_stack_load in the library /libr/cons/cons.c of the component radiff2. The manipulation of the ... read more
  • CVE-2025-37162 | HPE Aruba Networking 100 Cellular Bridge bis 10.7.1.1 Command Line Interface erweiterte Rechte
    Es wurde eine Schwachstelle in HPE Aruba Networking 100 Cellular Bridge bis 10.7.1.1 ausgemacht. Sie wurde als kritisch eingestuft. Davon betroffen ist unbekannter Code der Komponente Command Line Interface. Mittels ... read more
  • CVE-2025-37161 | HPE Aruba Networking 100 Cellular Bridge bis 10.7.1.1 Web-based Management Interface Denial of Service
    Eine Schwachstelle wurde in HPE Aruba Networking 100 Cellular Bridge bis 10.7.1.1 gefunden. Sie wurde als problematisch eingestuft. Hierbei betrifft es unbekannten Programmcode der Komponente Web-based Management Interface. Durch Manipulation ... read more
  • CVE-2025-12710 | Pet-Manager Plugin up to 3.6.1 on WordPress Shortcode kwm-petfinder cross site scripting
    A vulnerability, which was classified as problematic, has been found in Pet-Manager Plugin up to 3.6.1 on WordPress. Affected by this vulnerability is the function kwm-petfinder of the component Shortcode ... read more
  • CVE-2025-63226 | Sencore SMP100 SMP Media Platform 4.2.160/60.1.4/60.1.29 /UserManagement.html user session
    A vulnerability, which was classified as very critical, has been found in Sencore SMP100 SMP Media Platform 4.2.160/60.1.4/60.1.29. This affects an unknown function of the file /UserManagement.html. The manipulation leads ... read more
  • CVE-2025-6251 | Royal Elementor Addons and Templates Plugin up to 1.7.1036 on WordPress item['field_id'] cross site scripting
    A vulnerability marked as problematic has been reported in Royal Elementor Addons and Templates Plugin up to 1.7.1036 on WordPress. The impacted element is an unknown function. Performing manipulation of ... read more
  • CVE-2025-12842 | Booking Plugin up to 1.4.7 on WordPress Notifications tslot_appt_email Remote Code Execution
    A vulnerability has been found in Booking Plugin up to 1.4.7 on WordPress and classified as critical. Affected is the function tslot_appt_email of the component Notifications Handler. This manipulation causes ... read more
  • CVE-2025-12770 | New User Approve Plugin up to 3.0.9 on WordPress REST API Endpoint api_key information disclosure
    A vulnerability was found in New User Approve Plugin up to 3.0.9 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality of the component REST ... read more
  • CVE-2025-37162 | HPE Aruba Networking 100 Cellular Bridge up to 10.7.1.1 Command Line Interface command injection
    A vulnerability was found in HPE Aruba Networking 100 Cellular Bridge up to 10.7.1.1 and classified as critical. This vulnerability affects unknown code of the component Command Line Interface. Executing ... read more
  • CVE-2025-37161 | HPE Aruba Networking 100 Cellular Bridge up to 10.7.1.1 Web-based Management Interface denial of service
    A vulnerability has been found in HPE Aruba Networking 100 Cellular Bridge up to 10.7.1.1 and classified as problematic. This affects an unknown part of the component Web-based Management Interface. ... read more
  • CVE-2025-12535 | SureForms Plugin up to 1.13.1 on WordPress REST API Endpoint wp_rest cross-site request forgery
    A vulnerability, which was classified as problematic, was found in SureForms Plugin up to 1.13.1 on WordPress. Affected by this issue is the function wp_rest of the component REST API ... read more
  • CVE-2025-12359 | Responsive Lightbox & Gallery Plugin up to 2.5.3 on WordPress get_image_size_by_url server-side request forgery
    A vulnerability classified as critical was found in Responsive Lightbox & Gallery Plugin up to 2.5.3 on WordPress. Affected is the function get_image_size_by_url. The manipulation results in server-side request forgery. ... read more
  • CVE-2025-13054 | User Profile Builder Plugin up to 3.14.8 on WordPress Shortcode cross site scripting
    A vulnerability classified as problematic has been found in User Profile Builder Plugin up to 3.14.8 on WordPress. This impacts an unknown function of the component Shortcode Handler. The manipulation ... read more
  • CVE-2025-12426 | Quiz Maker Plugin up to 6.7.0.80 on WordPress ays_quiz_check_answer information disclosure
    A vulnerability described as problematic has been identified in Quiz Maker Plugin up to 6.7.0.80 on WordPress. This affects the function ays_quiz_check_answer. Executing manipulation can lead to information disclosure. This ... read more
  • CVE-2025-13145 | WP Import Plugin up to 7.33.1 on WordPress CSV Import SingleImportExport.php import_single_post_as_csv deserialization
    A vulnerability, which was classified as problematic, was found in WP Import Plugin up to 7.33.1 on WordPress. This impacts the function import_single_post_as_csv of the file SingleImportExport.php of the component ... read more
  • CVE-2025-13085 | SiteSEO Plugin up to 1.3.2 on WordPress AJAX resolve_variables resource injection
    A vulnerability identified as problematic has been detected in SiteSEO Plugin up to 1.3.2 on WordPress. Impacted is the function resolve_variables of the component AJAX Handler. This manipulation causes improper ... read more
  • CVE-2025-12646 | Community Events Plugin up to 1.5.4 on WordPress dayofyear sql injection
    A vulnerability categorized as critical has been discovered in Community Events Plugin up to 1.5.4 on WordPress. This issue affects some unknown processing. The manipulation of the argument dayofyear results ... read more
  • CVE-2025-12814 | SiteSEO Plugin up to 1.3.2 on WordPress Setting siteseo_reset_settings
    A vulnerability was found in SiteSEO Plugin up to 1.3.2 on WordPress. It has been rated as critical. This vulnerability affects the function siteseo_reset_settings of the component Setting Handler. The ... read more

integratus systems © 2025

KAVI IS iCOMMEX Platform v 02.25 Tuesday, December 9, 2025

Login

Login to capital finance exchange Platform Services

Forgot password?
Register Now

Hello

  • Your Account Type is
  • Your Mail Id is
  • Your Username is

Security Briefing Search

PDF Library Search

Search

Reset Password

Reset Password

You have no permission to access this content