MiracleLinux 8 : thunderbird-91.7.0-2.el8.ML.1 (AXSA:2022-3104:04)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-3104:04 advisory. Mozilla: Use-after-free in XSLT parameter processing CVE-2022-26485 Mozilla: Use-after-free in WebGPU IPC Framework CVE-2022-26486 expat: Malformed ...

EUVD-2026-0566

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

CVE-2026-0566 code-projects Content Management System edit_posts.php unrestricted upload

A security vulnerability has been detected in code-projects Content Management System 1.0. Impacted is an unknown function of the file /admin/editposts.php. The manipulation of the argument image leads to unrestricted upload. The attack is possible to be carried out remotely. The exploit has been...

CVE-2024-0566

The Smart Manager WordPress plugin before 8.28.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

CVE-2020-0566

Improper Access Control in subsystem for IntelR TXE versions before 3.175 and 4.0.25 may allow an unauthenticated user to potentially enable escalation of privilege via physical access...

Smart Manager 8.27.0 - Post-Authenticated SQL Injection

Exploit Title: Smart Manager 8.27.0 - Post-Authenticated SQL Injection Date: 2024-01-18 Exploit Author: Ivan Spiridonov - xbz0n Vendor Homepage: https://www.storeapps.org/ Software Link: https://www.storeapps.org/product/smart-manager/ Version: 8.27.0 Tested on: Ubuntu 22.04 CVE: CVE-2024-0566 SQ...

Linux Distros Unpatched Vulnerability : CVE-2022-0566

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of- bounds write of one byte when processing the message...

CVE-2025-0566

creationtimestamp| type| source ---|---|--- 2025-01-19 06:32:51+00:00| seen| https://infosec.exchange/users/cve/statuses/113853619941952983 2025-01-19 06:58:38+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/2312 2025-01-19 07:15:29+00:00| seen|...

CVE-2025-0566 Tenda AC15 SetDevNetName formSetDevNetName stack-based overflow

A vulnerability classified as critical has been found in Tenda AC15 15.13.07.13. This affects the function formSetDevNetName of the file /goform/SetDevNetName. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit ha...

CVE-2025-0566

CVE-2025-0566 affects Tenda AC15 router (version 15.13.07.13) with a stack-based overflow in function formSetDevNetName, triggered by manipulating the mac argument in /goform/SetDevNetName. The flaw allows remote execution and exploitation has been publicized; CVSS is reported as HIGH. Connected ...

RHSA-2020:0566

creationtimestamp| type| source ---|---|--- 2024-03-19 10:41:10+00:00| seen| https://t.me/ctinow/211333 2024-03-19 11:11:38+00:00| seen| https://t.me/ctinow/211350...

WordPress Smart Manager Plugin < 8.28.0 is vulnerable to SQL Injection

Software Smart Manager Type Plugin Vulnerable versions 8.28.0 Fixed in 8.28.0 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-0566 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID c1d0448fde12 Credits Ivan Spiridonov Required privilege Administrator...

CVE-2024-0566

creationtimestamp| type| source ---|---|--- 2024-02-12 17:22:12+00:00| seen| https://t.me/ctinow/183284 2025-04-16 10:01:16+00:00| seen| https://bsky.app/profile/nimblenerd.social/post/3lmwdittwfv2r 2025-04-17 21:02:32+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lmzyvymvp...

CVE-2024-0566

CVE-2024-0566 affects the Smart Manager WordPress plugin for versions before 8.28.0. The vulnerability is a SQL injection in the admin AJAX endpoint (sorting parameters in /wp-admin/admin-ajax.php), caused by insufficient sanitization/escaping of a parameter before it is used in an SQL statement....

CVE-2024-0566 Smart Manager < 8.28.0 - Admin+ SQL Injection

The Smart Manager WordPress plugin before 8.28.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

CVE-2023-0566

creationtimestamp| type| source ---|---|--- 2024-01-26 20:55:25+00:00| seen| https://t.me/arpsyndicate/3068...

K44691188: Intel TXE / SPS vulnerabilities CVE-2020-0566, CVE-2020-0586

Security Advisory Description CVE-2020-0566 Improper Access Control in subsystem for IntelR TXE versions before 3.175 and 4.0.25 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. CVE-2020-0586 Improper initialization in subsystem for IntelR SPS...

CVE-2023-0566

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' in froxlor/froxlor prior to 2.0.10...

CVE-2023-0566

CVE-2023-0566 affects froxlor/froxlor prior to 2.0.10. The issue is described as improper neutralization of input during web page generation, i.e., cross-site scripting, potentially related to static code injection as noted in some connected advisories. Affected component is the Froxlor web inter...

CVE-2023-0566 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in froxlor/froxlor

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' in froxlor/froxlor prior to 2.0.10...