elitecms 1.01 is vulnerable to SQL Injection via /admin/edit_page.php?page=.

elitecms 1.0.1 is vulnerable to Arbitrary code execution via admin/manage_uploads.php.

elitecms v1.01 is vulnerable to Delete any file via /admin/delete_image.php?file=.

liblsquic/lsquic_qenc_hdl.c in LiteSpeed QUIC (aka LSQUIC) before 3.1.0 mishandles MAX_TABLE_CAPACITY.

phpLiteAdmin through 1.9.8.2 allows XSS via the index.php newRows parameter (aka num or number).

This affects the package litespeed.js before 0.3.12; the package appwrite/server-ce from 0.12.0 and before 0.12.2, before 0.11.1. When parsing the query string in the getJsonFromUrl function, the key that is set in the result object is not properly sanitized leading to a Prototype Pollution vulnerability.

A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain sensitive information. NOTE: The developer disputes this as a vulnerability stating that If you give SQLite a corrupted database file and submit a query against the database, it might read parts of the database that you did not intend or expect.

The Permalink Manager Lite WordPress plugin before 2.2.15 and Permalink Manager Pro WordPress plugin before 2.2.15 do not sanitise and escape query parameters before outputting them back in the debug page, leading to a Reflected Cross-Site Scripting issue

eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_user.php.

eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/functions/functions.php.