CVE-2020-10395

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/add-group.php by adding a question mark ? followed by the payload...

CVE-2025-10395

creationtimestamp| type| source ---|---|--- 2025-09-14 09:57:18+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lyrzosqeyj2a...

CVE-2025-10395

A vulnerability was found in Magicblack MacCMS 2025.1000.4050. Affected by this vulnerability is the function colurl of the component Scheduled Task Handler. Performing manipulation of the argument cjurl results in server-side request forgery. It is possible to initiate the attack remotely...

CVE-2019-10395

Jenkins Build Environment Plugin 1.6 and earlier did not escape variables shown on its views, resulting in a cross-site scripting vulnerability in Jenkins 2.145, 2.138.1, or older, exploitable by users able to change various job/build properties...

CVE-2024-10395

creationtimestamp| type| source ---|---|--- 2025-02-03 07:15:32+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhayoai7ew27 2025-02-03 08:48:52+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/113939089406796286 2025-02-03 09:27:12+00:00| seen|...

CVE-2024-10395 net: lib: http_server: Buffer Under-read

No proper validation of the length of user input in httpservergetcontenttypefromextension...

CVE-2024-10395 net: lib: http_server: Buffer Under-read

No proper validation of the length of user input in httpservergetcontenttypefromextension...

CVE-2020-10395

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/add-group.php by adding a question mark ? followed by the payload...

CVE-2020-10395

The CVE-2020-10395 issue affects Chadha PHPKB Standard Multi-Language 9 and is described as a Reflected Cross-Site Scripting (XSS) vulnerability. The Red Hat entries specify that URIs handled in admin/header.php can trigger XSS in various admin pages (e.g., admin/add-group.php, admin/add-article....

CVE-2020-10395

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/add-group.php by adding a question mark ? followed by the payload...

CVE-2019-10395

CVE-2019-10395 affects the Jenkins Build Environment Plugin (versions ≤ 1.6) and relates to a cross-site scripting (XSS) vulnerability caused by not escaping values of environment variables shown in plugin views. The issue could be exploited by users who can modify various job/build properties. P...

CVE-2014-10395

creationtimestamp| type| source ---|---|--- 2019-08-27 16:32:28+00:00| seen| https://t.me/cibsecurity/6385...

CVE-2014-10395

The CVE-2014-10395 issue affects the WordPress cp-polls plugin prior to version 1.0.1, introducing a cross-site scripting (XSS) vulnerability in the votes list. Root cause described in CNVD as insufficient validation of client-side data by the web application. Impact noted as potential execution ...

CVE-2017-10395

Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications subcomponent: GangwayActivityWebApp. The supported version that is affected is 9.0.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2017-10395

The CVE-2017-10395 entry concerns Oracle Hospitality Cruise Fleet Management (GangwayActivityWebApp) with affected version 9.0.2.0. The vulnerability allows a low-privileged attacker with network access over HTTP to compromise data, enabling unauthorized update/insert/delete operations and read a...

CVE-2016-10395

In FlexNet Publisher versions before Luton SP1 11.14.1.1 running FlexNet Publisher Licensing Service on Windows platform, a boundary error related to a named pipe within the FlexNet Publisher Licensing Service can be exploited to cause an out-of-bounds memory read access and subsequently execute...

CVE-2016-10395

In FlexNet Publisher versions before Luton SP1 11.14.1.1 running FlexNet Publisher Licensing Service on Windows platform, a boundary error related to a named pipe within the FlexNet Publisher Licensing Service can be exploited to cause an out-of-bounds memory read access and subsequently execute...

CVE-2016-10395

CVE-2016-10395 affects FlexNet Publisher Licensing Service on Windows (before Luton SP1, 11.14.1.1). A boundary error in a named pipe within the Licensing Service can cause an out-of-bounds memory read, enabling arbitrary code execution with SYSTEM privileges. Connected documents corroborate the ...