Lucene search

11 matches found

Patchstack
added 2024/09/23 12:0 a.m. · 15 views

WordPress Photo Gallery by 10Web Plugin <= 1.8.27 is vulnerable to Cross Site Scripting (XSS)

Software: Photo Gallery by 10Web · Type: Plugin · Vulnerable versions: <= 1.8.27 · Fixed in: 1.8.28 · OWASP Top 10: A3: Injection · Classification: Cross Site Scripting (XSS) · CVE: CVE-2024-44043 · Patch priority: Low · CVSS severity: Low (5.9) · Developer: Claim ownership · PSID: 58bdb83f52ba · Credits: Robert DeVore · Required...

5.9 CVSS · 6.5 AI score · 0.00116 EPSS
Exploits 0 · References 2 · Affected Software 1
OSV
added 2024/03/06 10:58 a.m. · 12 views

BIT-MYBB-2021-41866

MyBB before 1.8.28 allows stored XSS because the displayed Template Name value in the Admin CP's theme management is not escaped properly...

5.2 AI score
Exploits 0 · References 2
OpenVAS
added 2021/11/05 12:0 a.m. · 10 views

MyBB 1.2.0 < 1.8.29 RCE Vulnerability (GHSA-8gxx-vmr9-h39p)

MyBB is prone to a remote code execution (RCE) vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:mybb:mybb";...

7.2 CVSS · 7.4 AI score · 0.00871 EPSS
Exploits 0 · References 1
Prion
added 2021/10/26 10:15 p.m. · 12 views

Cross site scripting

MyBB before 1.8.28 allows stored XSS because the displayed Template Name value in the Admin CP's theme management is not escaped properly...

3.5 CVSS · 5.2 AI score · 0.00281 EPSS
Exploits 0 · References 2 · Affected Software 1
Cvelist
added 2021/10/26 9:25 p.m. · 18 views

CVE-2021-41866

MyBB before 1.8.28 allows stored XSS because the displayed Template Name value in the Admin CP's theme management is not escaped properly...

5.4 AI score · 0.00281 EPSS
Exploits 0 · References 2
CNNVD
added 2021/10/26 12:0 a.m. · 2 views

MyBB Cross-Site Scripting Vulnerability

MyBB is a free and web-based forum software developed by MyBB team using PHP and MySQL. MyBB has a cross-site scripting vulnerability in versions prior to 1.8.28, which stems from the lack of proper validation of client-side data in the template name displayed in the theme management of the WEB...

5.4 CVSS · 5.6 AI score · 0.00281 EPSS
Exploits 0 · References 3
Positive Technologies
added 2021/10/26 12:0 a.m. · 2 views

PT-2021-23436 · Mybb · Mybb

Name of the Vulnerable Software and Affected Versions: MyBB versions prior to 1.8.28 Description: The issue allows stored XSS because the displayed Template Name value in the Admin CP's theme management is not escaped properly. Recommendations: For versions prior to 1.8.28, update to version 1.8....

5.4 CVSS · 5.2 AI score · 0.00281 EPSS
Exploits 0 · References 7
Tenable Nessus
added 2020/03/08 12:0 a.m. · 27 views

NewStart CGSL MAIN 4.05 : sudo Vulnerability (NS-SA-2020-0016)

The remote NewStart CGSL host, running version MAIN 4.05, has sudo packages installed that are affected by a vulnerability: - In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging,...

9 CVSS · 7.4 AI score · 0.85814 EPSS
Exploits 10 · References 2
Packet Storm
added 2019/10/15 12:0 a.m. · 227 views

sudo 1.8.28 Security Bypass

Exploit Title : sudo 1.8.28 - Security Bypass Date : 2019-10-15 Original Author: Joe Vennix Exploit Author : Mohin Paramasivam Version : Sudo priv" os.syste...

0.2 AI score
Exploits 0
Positive Technologies
added 2019/10/14 12:0 a.m. · 2 views

PT-2019-3519

Name of the Vulnerable Software and Affected Versions Sudo versions prior to 1.8.28 Description The issue allows an attacker with access to a Runas ALL sudoer account to bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user...

9 CVSS · 8.1 AI score · 0.92579 EPSS
Exploits 113 · References 168
Tenable Nessus
added 2014/12/15 12:0 a.m. · 16 views

Fedora 21 : asterisk-11.14.1-1.fc21 (2014-15621)

Fri Nov 21 2014 Jeffrey C. Ollie - 11.14.1-1 - The Asterisk Development Team has announced security releases for Certified Asterisk 1.8.28 and 11.6 and Asterisk 1.8, 11, 12, and 13. The available security releases are released as versions 1.8.28-cert3, 11.6-cert8, 1.8.32.1, 11.14.1, 12.7.1,...

5.5 AI score
Exploits 0 · References 5