78 matches found
WordPress plugin AcyMailing security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
EUVD-2021-15746
Malware in sbrugna...
EUVD-2022-28052
Malicious code in bioql PyPI...
EUVD-2022-40800
Malicious code in bioql PyPI...
CVE-2024-43280
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Salon Booking System Salon booking system. This issue affects Salon booking system: from n/a through 10.8.1...
CVE-2021-25680
The AdTran Personal Phone Manager software is vulnerable to multiple reflected cross-site scripting (XSS) issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed. Only version 10.8.1 was able to be...
CVE-2021-25679
The AdTran Personal Phone Manager software is vulnerable to an authenticated stored cross-site scripting (XSS) issue. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed. Only version 10.8.1 was able t...
HCL MyCloud security vulnerability
HCL MyCloud is a hybrid cloud lifecycle management product from HCL India that provides optimal governance and monitoring of cloud infrastructures. A security vulnerability exists in HCL MyCloud version 10.8.1, which stems from improper access control and could lead to elevation of privilege,...
0utmailauth (=1.0.0), @1023-ventures/merope2 (>=0.2.1 <=0.2.9) +1695 more potentially affected by CVE-2024-11023 via firebase (>=0.5.4 <=10.8.1)
firebase NPM version =0.5.4, =0.2.1, =0.5.2, =0.5.2, =0.5.0, =3.2.4, =1.0.0, =1.0.0, =1.0.9-beta.0, =0.5.21, =0.5.21, =0.1.0, =0.1.5 - @aivue/chatbot-storage =1.0.1 and more Source cves: CVE-2024-11023 Source advisory: OSV:GHSA-3WF4-68GX-MPH8...
CVE-2024-25702
CVE-2024-25702 describes a stored XSS in Esri Portal for ArcGIS Enterprise Sites (affected versions 10.8.1–11.1, including 11.1 and below) where a remote, authenticated attacker with high privileges can craft a link stored in the site configuration that, when clicked, executes arbitrary JavaScrip...
WordPress plugin Salon booking system input validation error vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. An input validation error...
PT-2024-30445
Name of the Vulnerable Software and Affected Versions: Salon booking system versions through 10.8.1 Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect' vulnerability, in the Salon Booking System. This vulnerability allows redirection to...
PT-2024-21105
Name of the Vulnerable Software and Affected Versions: Esri Portal for ArcGIS versions 10.8.1 through 10.8.1 – 1121 Description: The issue is a stored Cross-site Scripting vulnerability that may allow a remote, authenticated attacker to create a crafted link that can be saved as a new location when...
PT-2024-7835 · Esri · Esri Portal For Arcgis Enterprise Sites
Name of the Vulnerable Software and Affected Versions: Esri Portal for ArcGIS Enterprise Sites versions 10.8.1 through 11.1 Description: The issue is related to a stored Cross-site Scripting vulnerability that may allow a remote, authenticated attacker to create a crafted link stored in the site...
CVE-2023-48313
Umbraco CMS (ASP.NET) is affected by a DOM-based XSS vulnerability identified as CVE-2023-48313. The issue exists from version 10.0.0 up to but not including 10.8.1 and 12.3.4, where it is mitigated by a patch. Affected component/functionality is not explicitly named in the provided documents bey...
PT-2023-30776 · Umbraco · Umbraco
Name of the Vulnerable Software and Affected Versions: Umbraco versions 10.0.0 through 10.8.0 Umbraco versions 10.8.1 is not affected, but versions prior to 12.3.4 are affected, so the correct range is: Umbraco versions 10.8.2 through 12.3.3 Description: The issue is a cross-site scripting XSS...
Cross site scripting
There is a Cross-site Scripting vulnerability in ArcGIS Server in versions 10.8.1 – 11.1 that may allow a remote, authenticated attacker to create a crafted link which onmouseover won't execute but could potentially render an image in the victim's browser. The privileges required to execute this...
CVE-2023-25841 BUG-000158075 Stored XSS issue in ArcGIS Server
There is a stored Cross-site Scripting vulnerability in Esri ArcGIS Server versions 11.0 and below on Windows and Linux platforms that may allow a remote, unauthenticated attacker to create crafted content which when clicked could potentially execute arbitrary JavaScript code in the victim’s...