Qibosoft Cross-Site Scripting Vulnerability

Qibosoft qibosoft is a content management system CMS from Qibosoft, China. qibosoft has a cross-site scripting vulnerability that originates in the /admin/index.php?lfj=friendlink & action=add link of the admin component of the product. The vulnerability is caused by the...

IBM OPENBMC Cross-Site Scripting Vulnerability

IBM OPENBMC is a POWER8 and POWER9 emulator from International Business Machines Corporation Ibm. IBM OPENBMC has a cross-site scripting vulnerability in version OP910 that stems from a lack of data validation filtering of user-supplied data and output. An attacker could exploit the vulnerability...

WordPress Download Manager Plugin Cross-Site Scripting Vulnerability (CNVD-2021-103356)

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress Download Manager plugin in versions prior to 3.2.22 suffers from a cross-site scripting vulnerability th...

WordPress Tickera plugin cross-site scripting vulnerability

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers.Tickera plugin in versions prior to 3.4.8.3 suffers from a cross-site scripting vulnerability, which stems from a...

WordPress WP RSS Aggregator plugin cross-site scripting vulnerability

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WP RSS Aggregator plugin has a cross-site scripting vulnerability in versions prior to 4.19.3, which...

WordPress Buttonizer-Smart Floating Action Button plugin cross-site scripting vulnerability

WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. buttonizer-Smart Floating Action Button plugin has a cross-site scripting vulnerability in versions prior to 2.5.5,...

WordPress Paid Memberships Pro plugin cross-site scripting vulnerability

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.The Paid Memberships Pro plugin has a cross-site scripting vulnerability in versions prior to 2.6.6, which stems...

WordPress 插件跨站脚本漏洞

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers.Tickera plugin in versions prior to 3.4.8.3 suffers from a cross-site scripting vulnerability, which stems from a...

WordPress Logo Carousel plugin cross-site scripting vulnerability

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress Logo Carousel plugin has a cross-site scripting vulnerability in versions prior to 3.4.2, which stems from a lack o...

WordPress SportsPress Plugin Cross-Site Scripting Vulnerability (CNVD-2021-102785)

WordPress is the Wordpress Foundation's suite of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress SportsPress plugin has a cross-site scripting vulnerability in versions prior to 2.7.9, which...

The vulnerability of the `wheel.pillar_roots.write` component in the configuration management system and the remote execution of SaltStack Salt, which is related to errors in data validation, allows a perpetrator to execute arbitrary code.

The vulnerability of the wheel.pillarroots.write component in the configuration management system and the remote execution of SaltStack Salt are related to errors during data validation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

Adobe Audition Buffer Overflow Vulnerability (CNVD-2021-102794)

Adobe Audition is a set of multi-track editing tools from Adobe. Adobe Audition suffers from a buffer overflow vulnerability that originates when a networked system or product does not properly validate data boundaries when performing operations in memory, resulting in incorrect read and write...

Insufficient Data Validation

qt5-qtwebengine:edge is having insufficient data validation...

CVE-2021-4068

Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2021-4068

Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2021-4068

Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

DEBIAN-CVE-2021-4068

Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2021-4059

Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

DEBIAN-CVE-2021-4059

Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2021-4059

Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page...