11 matches found
CVE-2018-10522
In CMS Made Simple (CMSMS) through 2.2.7, the "file view" operation in the admin dashboard contains a sensitive information disclosure vulnerability, exploitable by ordinary users, because the product exposes unrestricted access to the PHP file_get_contents function...
Linux Distros Unpatched Vulnerability : CVE-2016-10522
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - rails_admin Ruby gem v1.1.1 is vulnerable to cross-site request forgery (CSRF) attacks. Non-GET methods were not validating CSRF tokens and, as a result, an attack...
CVE-2019-10522
While playing a clip that is nonstandard, a buffer overflow can occur while parsing in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, MSM8996A...
CVE-2024-10522
CVE-2024-10522 : The Co-marquage service-public.fr WordPress plugin is vulnerable to Reflected Cross-Site Scripting (XSS) due to insufficient escaping of add_query_arg, affecting all versions up to 0.5.76. Unauthenticated attackers could trigger scripts when a user clicks a crafted link. A fix ex...
WordPress Co-marquage service-public.fr Plugin <= 0.5.76 is vulnerable to Cross Site Scripting (XSS)
Software: Co-marquage service-public.fr; Type: Plugin; Vulnerable versions: <= 0.5.76; Fixed in: 0.5.77; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-10522; Patch priority: Medium; CVSS severity: Medium (7.1); PSID: 1b874700b5d7; Credits...
CVE-2021-31530
CVE-2021-31530 affects Zoho ManageEngine ServiceDesk Plus MSP, a web-based ITSM platform, prior to version 10522, and allows information disclosure. The vulnerability is network-exposed with no user interaction required, and it has a CVSS v3.1 base score of 7.5 (High) and a CVSS v2.0 ba...
ZOHO ManageEngine ServiceDesk Plus Information Disclosure Vulnerability
Zoho ManageEngine ServiceDesk Plus MSP is a web-based ITSM suite designed for managed service providers. An information disclosure vulnerability exists in versions prior to Zoho ManageEngine ServiceDesk Plus MSP 10522. No vulnerability details are provided at this time...
CVE-2019-10522
CVE-2019-10522 affects a wide range of Qualcomm Snapdragon devices across multiple SoCs (e.g., SD 210/212/205, 625, 665, 710/670, 820/820A, 835/850, 855, and many others) due to a nonstandard buffer overflow in the clip parsing path. The issue is triggered while playing a clip and could impact co...
CVE-2019-10522
While playing a clip that is nonstandard, a buffer overflow can occur while parsing in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, MSM8996A...
CVE-2016-10522
The CVE-2016-10522 entry concerns the rails_admin Ruby gem
CVE-2018-10522
CMS Made Simple (CMSMS) up to version 2.2.7 contains an information-disclosure vulnerability in the admin dashboard’s file view operation. The issue arises because the PHP file_get_contents function is exposed without access restrictions, allowing ordinary users to read arbitrary files. The cited...