
20 matches found

RedhatCVE
added 2026/01/09 9:53 a.m. | 7 views

CVE-2020-10596

OpenCart 3.0.3.2 allows remote authenticated users to conduct XSS attacks via a crafted filename in the users' image upload section...

CVSS 5.4 | AI score 5.6 | EPSS 0.01247
Exploits: 4 | References: 1

RedhatCVE
added 2025/09/19 3:28 p.m. | 1 views

CVE-2025-10596

A vulnerability was found in SourceCodester Online Exam Form Submission 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument usn results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVSS 9.8 | AI score 7 | EPSS 0.0006
Exploits: 1 | References: 1

Circl
added 2025/09/17 3:25 p.m. | 1 views

CVE-2025-10596

creationtimestamp | type | source
---|---|---
2025-09-17 15:25:38+00:00 | seen | https://gist.github.com/Darkcrai86/87c14965b3463ee1c5e62eb1a689c174
2025-09-17 16:55:30+00:00 | seen | https://gist.github.com/Darkcrai86/2a6cc27fb3231acfaf13c21b6136c6d2
...

CVSS 9.8 | AI score 5.8 | EPSS 0.0006
Exploits: 1 | References: 2

Cvelist
added 2025/09/17 3:2 p.m. | 6 views

CVE-2025-10596 SourceCodester Online Exam Form Submission index.php sql injection

A vulnerability was found in SourceCodester Online Exam Form Submission 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument usn results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

CVSS 7.5 | EPSS 0.0006
Exploits: 1 | References: 5

Circl
added 2025/05/22 5:43 p.m. | 0 views

CVE-2018-10596

creationtimestamp | type | source
---|---|---
2025-05-22 17:43:29+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/17329
...

CVSS 8 | AI score 7.9 | EPSS 0.00182
Exploits: 0 | References: 1

RedhatCVE
added 2025/02/05 1:31 p.m. | 9 views

CVE-2020-17407

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of authentication headers. The issue results fro...

CVSS 10 | AI score 7.5 | EPSS 0.20607
Exploits: 0

Circl
added 2024/10/31 10:47 p.m. | 2 views

CVE-2024-10596

creationtimestamp | type | source
---|---|---
2024-10-31 22:47:52+00:00 | seen | https://t.me/cvedetector/9540
...

CVSS 8.8 | AI score 6.2 | EPSS 0.00097
Exploits: 1 | References: 1

OSV
added 2024/10/31 9:15 p.m. | 0 views

CVE-2024-10596

A vulnerability was found in ESAFENET CDG 5. It has been rated as critical. Affected by this issue is the function delEntryptPolicySort of the file /com/esafenet/servlet/system/EncryptPolicyTypeService.java. The manipulation of the argument id leads to sql injection. The attack may be launched...

CVSS 8.8 | AI score 5.7
Exploits: 0 | References: 4

Circl
added 2024/04/23 7:23 p.m. | 0 views

CVE-2020-10596

creationtimestamp | type | source
---|---|---
2024-04-23 19:23:31+00:00 | seen | https://t.me/arpsyndicate/4768
...

CVSS 5.4 | AI score 5.2 | EPSS 0.01247
Exploits: 4 | References: 1

OSV
added 2022/05/24 5:19 p.m. | 13 views

GHSA-P9QW-FH38-X37F OpenCart Cross-site Scripting

OpenCart 3.0.3.3 allows remote authenticated users to conduct XSS attacks via a crafted filename in the users' image upload section because of a lack of entity encoding. NOTE: this issue exists because of an incomplete fix for CVE-2020-10596. The vendor states "this is not a massive issue as you...

CVSS 4.8 | AI score 4.8 | EPSS 0.00252
Exploits: 4 | References: 4

Github Security Blog
added 2022/05/24 5:19 p.m. | 20 views

OpenCart Cross-site Scripting

OpenCart 3.0.3.3 allows remote authenticated users to conduct XSS attacks via a crafted filename in the users' image upload section because of a lack of entity encoding. NOTE: this issue exists because of an incomplete fix for CVE-2020-10596. The vendor states "this is not a massive issue as you...

CVSS 4.8 | AI score 6 | EPSS 0.00252
Exploits: 4 | References: 4 | Affected Software: 1

CVE
added 2020/10/13 5:10 p.m. | 37 views

CVE-2020-17407

Affected product: Microhard Bullet-LTE (firmware prior to v1.2.0-r1112). Vulnerability summary: A stack-based buffer overflow in the handling of the Basic/authentication headers allows remote attackers to execute arbitrary code with root privileges. The flaw arises from insufficient validation of...

CVSS 10 | AI score 9.8 | EPSS 0.20607
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2020/10/13 5:10 p.m. | 11 views

CVE-2020-17407

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of authentication headers. The issue results fro...

CVSS 9.8 | AI score 9.8 | EPSS 0.20607
Exploits: 0 | References: 1

Circl
added 2020/09/08 3:55 p.m. | 1 views

CVE-2019-10596

creationtimestamp | type | source
---|---|---
2020-09-08 15:55:39+00:00 | seen | https://t.me/cibsecurity/14533
...

CVSS 7.8 | AI score 7.5 | EPSS 0.00033
Exploits: 0 | References: 1

NVD
added 2020/09/08 10:15 a.m. | 11 views

CVE-2019-10596

u'Improper access control can lead signed process to guess pid of other processes and access their address space' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking ...

CVSS 7.8 | AI score 7.7 | EPSS 0.00033
Exploits: 0 | References: 2

CVE
added 2020/09/08 9:31 a.m. | 52 views

CVE-2019-10596

CVE-2019-10596 is described as an improper access-control issue in Qualcomm/Snapdragon components (Auto, Compute, Connectivity, Consumer IoT, Industrial IoT, Mobile, and related platforms such as Bitra, Nicobar, QCS605/610, Rennell, SA6155P, Saipan, SC7180X, SC8180X, SDM670/710/845/850, SM6150/71...

CVSS 7.8 | AI score 7.6 | EPSS 0.00033
Exploits: 0 | References: 2 | Affected Software: 1

0day.today
added 2020/06/02 12:0 a.m. | 49 views

OpenCart 3.0.3.2 - Stored Cross Site Scripting (Authenticated) Vulnerability

Exploit for php platform in category web applications Exploit Title: OpenCart 3.0.3.2 - Stored Cross Site Scripting Authenticated Exploit Author: Kailash Bohara Vendor Homepage: https://www.opencart.com Software Link: https://www.opencart.com/index.php?route=cms/download Version: OpenCart...

CVSS 3.5 | AI score 5.3 | EPSS 0.01247
Exploits: 4

CVE
added 2020/03/17 2:42 p.m. | 148 views

CVE-2020-10596

OpenCart CVE-2020-10596 is described as a cross-site scripting issue in OpenCart 3.0.3.2 where remote authenticated users can inject XSS via a crafted filename in the image upload section. Connected sources reiterate the same class of vulnerability and note that the issue arises from inadequate e...

CVSS 5.4 | AI score 4.5 | EPSS 0.01247
Exploits: 4 | References: 2 | Affected Software: 1

vulnersOsv
added 2019/02/18 11:50 p.m. | 1 views

anione (>=1.2.0 <=1.2.7), gulp-imageoptim (=0.1.0) potentially affected by CVE-2016-10596 via imageoptim (>=0.3.4 <=0.4.2)

imageoptim NPM version =0.3.4, =1.2.0, =1.2.7 - gulp-imageoptim =0.1.0 Source cves: CVE-2016-10596 Source advisory: OSV:GHSA-MM7H-323R-9P4G...

CVSS 8.1 | AI score 7.2 | EPSS 0.00765
Exploits: 0

CVE
added 2018/06/01 6:0 p.m. | 52 views

CVE-2016-10596

The CVE-2016-10596 entry concerns imageoptim, a Node.js wrapper for image compression algorithms. The vulnerability arises because it downloads zipped resources over HTTP, enabling MITM attacks. A remote code execution (RCE) could be possible if an attacker swaps the tarball with a malicious one ...

CVSS 8.1 | AI score 8.3 | EPSS 0.00765
Exploits: 0 | References: 1 | Affected Software: 1