12 matches found
CVE-2020-10412
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/import-csv.php by adding a question mark ? followed by the payload...
CVE-2025-10412
creationtimestamp | type | source
---|---|---
2025-09-23 10:32:33+00:00 | seen | https://bsky.app/profile/offseq.bsky.social/post/3lzipu2uzqh2q...
WordPress Uni CPO (Premium) plugin <= 4.9.54 - Unauthenticated Arbitrary File Upload via 'uni_cpo_upload_file' vulnerability
Unauthenticated Arbitrary File Upload via 'uni_cpo_upload_file' vulnerability discovered by Ren Voza in WordPress Plugin Uni CPO Premium versions <= 4.9.54...
CVE-2024-10412
A vulnerability was found in Poco-z Guns-Medical 1.0. It has been declared as problematic. Affected by this vulnerability is the function upload of the file /mgr/upload of the component File Upload. The manipulation of the argument picture leads to cross site scripting. The attack can be launched...
CVE-2024-10412
creationtimestamp | type | source
---|---|---
2024-10-27 10:03:00+00:00 | seen | https://t.me/cvedetector/9051
2025-10-01 18:11:57+00:00 | seen | MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6
2025-10-08 21:59:32+00:00 | seen | MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6...
CVE-2020-10412
The connected Red Hat advisories corroborate CVE-2020-10412 affecting Chadha PHPKB Standard Multi-Language 9. The issue is a reflected XSS flaw in the URI handling in admin/header.php, enabling injection via the query string and affecting admin/import-csv.php (and related pages in the same produc...
MariaDB 'CVE-2020-2574' Denial of Service Vulnerability - Windows
MariaDB is prone to a Denial of Service vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if...
CVE-2019-10412
Jenkins Inedo ProGet Plugin 1.2 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...
CVE-2019-10412
Jenkins Inedo ProGet Plugin 1.2 and earlier transmitted configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure...
CVE-2019-10412
CVE-2019-10412 affects the CloudBees/Jenkins Inedo ProGet Plugin up to version 1.2, where credentials configured in the global Jenkins configuration form were transmitted in plain text, exposing sensitive data. The root cause involves the plugin storing a service password (encrypted on disk) but ...
CVE-2016-10412
CVE-2016-10412 describes an integer overflow that could lead to a buffer overflow in a memory API function on Android devices with Qualcomm Small Cell SoCs, Snapdragon Mobile, and Snapdragon Wear families. The affected range includes numerous Snapdragon/SD and related components, with the issue a...
CVE-2017-10412
CVE-2017-10412 affects Oracle E-Business Suite Knowledge Management (User Interface) in versions 12.1.1–12.2.7. The vulnerability allows unauthenticated network access via HTTP to the Knowledge Management UI, with exploitation requiring user interaction. Consequences include unauthorized access t...