VYPR

Wf Snippets

by XOOPS

CVEs (2)

  • CVE-2007-1962Apr 11, 2007
    risk 0.03cvss epss 0.01

    SQL injection vulnerability in index.php in the WF-Snippets 1.02 and earlier module for XOOPS allows remote attackers to execute arbitrary SQL commands via the c parameter in a cat action.

  • CVE-2026-46338May 19, 2026
    risk 0.00cvss epss 0.00

    # Summary `pymdownx.snippets` has a regression of the CVE-2023-32309 / GHSA-jh85-wwv9-24hv fix. With `restrict_base_path: True` (the default), the current `filename.startswith(base)` containment check does not enforce a directory boundary. As a result, a markdown snippet…