CVE-2011-10038

Nagios XI versions prior to 2011R1.9 are vulnerable to cross-site scripting XSS via the recurring downtime script of the web interface. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser...

CVE-2012-10038 Auxilium RateMyPet Arbitrary File Upload RCE

Auxilium RateMyPet contains an unauthenticated arbitrary file upload vulnerability in uploadbanners.php. The banner upload feature fails to validate file types or enforce authentication, allowing remote attackers to upload malicious PHP files. These files are stored in a web-accessible /banners/...

CVE-2024-10038

The WP-Strava plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.12.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...

CVE-2015-10038

A vulnerability was found in nym3r0s pplv2. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. The patch is named 28f8b0550104044da09f04659797487c59f85b00. It is recommended to apply a patch to fix this issue. The...

CVE-2015-10038

creationtimestamp| type| source ---|---|--- 2025-04-09 13:47:26+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11051...

WordPress WP-Strava Plugin <= 2.12.1 is vulnerable to Cross Site Scripting (XSS)

Software WP-Strava Type Plugin Vulnerable versions = 2.12.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10038 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID dd6efa54c071 Credits paupu Required privilege...

CVE-2015-10038 nym3r0s pplv2 sql injection

A vulnerability was found in nym3r0s pplv2. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. The patch is named 28f8b0550104044da09f04659797487c59f85b00. It is recommended to apply a patch to fix this issue. The...

CVE-2015-10038

CVE-2015-10038 affects nym3r0s pplv2, with a SQL injection vulnerability arising from manipulation of an unknown functionality. The vulnerability is described as critical, and the patch 28f8b0550104044da09f04659797487c59f85b00 is recommended as the fix. Connected sources consistently identify the...

CVE-2015-10038 nym3r0s pplv2 sql injection

A vulnerability was found in nym3r0s pplv2. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. The patch is named 28f8b0550104044da09f04659797487c59f85b00. It is recommended to apply a patch to fix this issue. The...

Siemens SICAM MMU, SICAM T, and SICAM SGU Missing Authentication For Critical Function (CVE-2020-10038)

A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. An attacker with access to the device's web server might be able to execute administrative commands without authentication. This plugin only works with Tenable.ot. Please visit...

CVE-2020-10038

A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. An attacker with access to the device's web server might be able to execute administrative commands without authentication...

CVE-2020-10038

CVE-2020-10038 affects Siemens SICAM MMU (all versions &lt; 2.05), SICAM SGU (all versions), and SICAM T (all versions

Evernote Directory Traversal (CVE-2019-10038)

A directory traversal vulnerability exists in Evernote. This vulnerability is due to improper validation of embedded links in notes. Successful exploitation could result in arbitrary program execution...

CVE-2019-10038

Evernote 7.9 on macOS allows attackers to execute arbitrary programs by embedding a reference to a local executable file such as the /Applications/Calculator.app/Contents/MacOS/Calculator file...

CVE-2019-10038

Evernote 7.9 on macOS allows attackers to execute arbitrary programs by embedding a reference to a local executable file such as the /Applications/Calculator.app/Contents/MacOS/Calculator file...

CVE-2019-10038

Summary (supported by provided docs): Evernote 7.9 for macOS is vulnerable to a local path traversal that lets an attacker execute arbitrary programs by embedding a reference to a local executable (e.g., /Applications/Calculator.app/Contents/MacOS/Calculator) via crafted notes or URIs. The root c...

Evernote 7.9 - Code Execution via Path Traversal Exploit

Exploit for macOS platform in category local exploits Exploit Title: Code execution via path traversal Exploit Author: Dhiraj Mishra Vendor Homepage: http://evernote.com/ Software Link: https://evernote.com/download Version: 7.9 Tested on: macOS Mojave v10.14.4 CVE: CVE-2019-10038 References:...

Evernote 7.9 - Code Execution via Path Traversal

Exploit Title: Code execution via path traversal Date: 17-04-2019 Exploit Author: Dhiraj Mishra Vendor Homepage: http://evernote.com/ Software Link: https://evernote.com/download Version: 7.9 Tested on: macOS Mojave v10.14.4 CVE: CVE-2019-10038 References:...

Evernote 7.9 - Code Execution via Path Traversal

Evernote 7.9 - Code Execution via Path Traversal Exploit Title: Code execution via path traversal Date: 17-04-2019 Exploit Author: Dhiraj Mishra Vendor Homepage: http://evernote.com/ Software Link: https://evernote.com/download Version: 7.9 Tested on: macOS Mojave v10.14.4 CVE: CVE-2019-10038...

Evernote 7.9 Path Traversal / Code Execution

Exploit Title: Code execution via path traversal Date: 17-04-2019 Exploit Author: Dhiraj Mishra Vendor Homepage: http://evernote.com/ Software Link: https://evernote.com/download Version: 7.9 Tested on: macOS Mojave v10.14.4 CVE: CVE-2019-10038 References:...