15 matches found

RedhatCVE
added 2026/01/09 9:52 a.m., 5 views

CVE-2020-10390

OS Command Injection in export.php vulnerable function called from include/functions-article.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by saving the code to be executed as the wkhtmltopdf path via admin/save-settings.php...

CVSS 7.2, AI score 8, EPSS 0.047
Exploits 1, References 1
Circl
added 2025/09/14 7:42 a.m., 3 views

CVE-2025-10390

creationtimestamp | type | source
---|---|---
2025-09-14 07:42:11+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lyrs56zc6h2t...

CVSS 8.8, AI score 5.8, EPSS 0.00184
Exploits 0, References 1
Circl
added 2024/11/18 4:38 p.m., 2 views

CVE-2024-10390

creationtimestamp | type | source
---|---|---
2024-11-18 16:38:37+00:00 | seen | https://infosec.exchange/users/cve/statuses/113504938721653052
2024-11-18 19:03:54+00:00 | seen | https://t.me/cvedetector/11369...

CVSS 6.4, AI score 8.7, EPSS 0.00241
Exploits 0, References 2
Vulnrichment
added 2024/11/18 4:31 p.m., 8 views

CVE-2024-10390 Elfsight Telegram Chat CC <= 1.1.0 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting

The Elfsight Telegram Chat CC plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'updatePreferences' function in all versions up to, and including, 1.1.0. This makes it possible for authenticated attackers, with subscriber-level access and...

CVSS 6.4, AI score 6.8, EPSS 0.00241
Exploits 0, References 2
Patchstack
added 2024/11/18 12:0 a.m., 13 views

WordPress Elfsight Telegram Chat CC Plugin <= 1.1.0 is vulnerable to Cross Site Scripting (XSS)

Software: Elfsight Telegram Chat CC; Type: Plugin; Vulnerable versions: = 1.1.0; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-10390; Patch priority: Medium; CVSS severity: Medium 6.5; Developer: Claim ownership; PSID: 79fba1da063a; Credits: István...

CVSS 6.4, AI score 5.6, EPSS 0.00241
Exploits 0, References 2, Affected Software 1
vulnersOsv
added 2022/05/24 4:55 p.m., 1 views

com.splunk.splunkins:splunk-devops-extend (>=1.0 <=1.7.0) potentially affected by CVE-2019-10390 via com.splunk.splunkins:splunk-devops (>=1.0 <=1.7.0)

com.splunk.splunkins:splunk-devops MAVEN version =1.0, =1.0, =1.7.0 Source cves: CVE-2019-10390 Source advisory: OSV:GHSA-CJR8-5RW4-WH65...

CVSS 8.8, AI score 7.2, EPSS 0.00052
Exploits 0
Cvelist
added 2020/03/12 1:3 p.m., 16 views

CVE-2020-10390

OS Command Injection in export.php vulnerable function called from include/functions-article.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by saving the code to be executed as the wkhtmltopdf path via admin/save-settings.php...

AI score 7.4, EPSS 0.047
Exploits 1, References 2
CVE
added 2020/03/12 1:3 p.m., 48 views

CVE-2020-10390

CVE-2020-10390 affects Chadha PHPKB Standard Multi-Language 9. The OS command injection exists in export.php (called from include/functions-article.php) allowing remote code execution by saving malicious code into the wkhtmltopdf path via admin/save-settings.php. This is documented across multipl...

CVSS 7.2, AI score 7.4, EPSS 0.047
Exploits 1, References 2, Affected Software 1
NVD
added 2019/08/28 4:15 p.m., 8 views

CVE-2019-10390

A sandbox bypass vulnerability in Jenkins Splunk Plugin 1.7.4 and earlier allowed attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM...

CVSS 8.8, AI score 8.9, EPSS 0.00052
Exploits 0, References 2
Cvelist
added 2019/08/28 3:30 p.m., 11 views

CVE-2019-10390

A sandbox bypass vulnerability in Jenkins Splunk Plugin 1.7.4 and earlier allowed attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM...

AI score 9, EPSS 0.00052
Exploits 0, References 2
CVE
added 2019/08/28 3:30 p.m., 49 views

CVE-2019-10390

CVE-2019-10390 describes a sandbox bypass in Jenkins Splunk Plugin ≤1.7.4 where an HTTP form-validation endpoint allowed attackers with Overall/Read to submit a Groovy script that could execute arbitrary code on the Jenkins master JVM. Root cause: unsafe AST transformations (e.g., @Grab) not sand...

CVSS 8.8, AI score 8.9, EPSS 0.00052
Exploits 0, References 2, Affected Software 1
Circl
added 2019/08/22 10:38 p.m., 0 views

CVE-2014-10390

creationtimestamp | type | source
---|---|---
2019-08-22 22:38:33+00:00 | seen | https://t.me/cibsecurity/6317
2019-08-29 16:33:44+00:00 | seen | https://t.me/cibsecurity/6439...

CVSS 9.1, AI score 7.3, EPSS 0.00524
Exploits 0, References 2
CVE
added 2019/08/22 6:54 p.m., 35 views

CVE-2014-10390

The CVE-2014-10390 entry concerns the WordPress plugin wp-support-plus-responsive-ticket-system (pre-4.2). The vulnerability is a directory traversal flaw in the plugin, exposing potential unauthorized access to filesystem paths. Public sources confirm the affected component as the plugin’s code ...

CVSS 9.1, AI score 9.2, EPSS 0.00524
Exploits 0, References 1, Affected Software 1
CVE
added 2017/08/18 6:0 p.m., 41 views

CVE-2016-10390

CVE-2016-10390 corresponds to a memory‑consumption issue in Qualcomm components used in Android builds based on CAF Linux kernels. When a file is downloaded, an excessive amount of memory may be consumed, potentially impacting device stability. The vulnerability is described across multiple feeds...

CVSS 10, AI score 8.7, EPSS 0.00287
Exploits 0, References 3, Affected Software 1
OpenVAS
added 2009/10/19 12:0 a.m., 17 views

Fedora Core 11 FEDORA-2009-10390 (Django)

The remote host is missing an update to Django announced via advisory FEDORA-2009-10390. OpenVAS Vulnerability Test $Id: fcore200910390.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-10390 Django Authors: Thomas Reinke Copyright: Copyright c 2009...

CVSS 5, AI score 0.1, EPSS 0.06201
Exploits 0, References 1