CVE-2026-1106

creationtimestamp| type| source ---|---|--- 2026-01-18 01:33:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcnyc2vk3g2x...

MiracleLinux 4 : abrt-2.0.8-6.0.1.AXS4, btparser-0.16-3.AXS4, libreport-2.0.9-5.0.1.AXS4, python-meh-0.12.1-3.AXS4 (AXSA:2012-870:02)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-870:02 advisory. Description of problem: abrt abrt is a tool to help users to detect defects in applications and to create a bug report with all informations needed b...

CVE-2024-1106

The Shariff Wrapper WordPress plugin before 4.6.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2020-1106

A cross-site-scripting XSS vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-1099, CVE-2020-1100, CVE-2020-1101...

CVE-2020-1106

creationtimestamp| type| source ---|---|--- 2025-03-02 11:45:45+00:00| seen| Telegram/bnZ3vGOGpF7JJJOgwn331zowaMM5x7okudIUMraFcEaqHo9...

CVE-2025-1106

creationtimestamp| type| source ---|---|--- 2025-02-07 18:34:09+00:00| seen| https://infosec.exchange/users/cve/statuses/113964040129313194 2025-02-07 22:03:01+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/3838 2025-02-07 23:01:30+00:00| seen|...

CVE-2025-1106 CmsEasy database_admin.php restore_action path traversal

A vulnerability classified as critical has been found in CmsEasy 7.7.7.9. This affects the function deletediraction/restoreaction in the library lib/admin/databaseadmin.php. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to...

CVE-2025-1106 CmsEasy database_admin.php restore_action path traversal

A vulnerability classified as critical has been found in CmsEasy 7.7.7.9. This affects the function deletediraction/restoreaction in the library lib/admin/databaseadmin.php. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to...

SUSE: Security Advisory (SUSE-SU-2024:1106-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHSA-2024:1106

creationtimestamp| type| source ---|---|--- 2024-03-05 12:17:31+00:00| seen| https://t.me/ctinow/200150...

CVE-2024-1106

creationtimestamp| type| source ---|---|--- 2024-02-27 10:26:19+00:00| seen| https://t.me/ctinow/194190 2024-02-29 16:21:46+00:00| seen| https://t.me/ctinow/196775...

CVE-2024-1106

CVE-2024-1106 – Shariff Wrapper (WordPress) : The plugin prior to 4.6.10 does not sanitize/escape certain settings, enabling Stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed (e.g., multisite). Reported impact includes potential XSS within outputs generated...

CVE-2024-1106 Shariff Wrapper < 4.6.10 - Admin+ Stored XSS

The Shariff Wrapper WordPress plugin before 4.6.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2024-1106 Shariff Wrapper < 4.6.10 - Admin+ Stored XSS

The Shariff Wrapper WordPress plugin before 4.6.10 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress Shariff Wrapper Plugin < 4.6.10 is vulnerable to Cross Site Scripting (XSS)

Software Shariff Wrapper Type Plugin Vulnerable versions 4.6.10 Fixed in 4.6.10 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1106 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID da44df395b73 Credits Dmitrii Ignatyev Require...

MAL-2024-275 Malicious code in wlwz-2312-1106 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a4f61a2649cb1e02df29460e01f9c357290aaa9f3592eb13e4a8a4fbe544393f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in wlwz-2312-1106 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a4f61a2649cb1e02df29460e01f9c357290aaa9f3592eb13e4a8a4fbe544393f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-1106

creationtimestamp| type| source ---|---|--- 2023-03-02 07:34:08+00:00| seen| https://t.me/cibsecurity/59309 2025-03-07 22:36:02+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6910...

CVE-2023-1106 Cross-site Scripting (XSS) - Reflected in flatpressblog/flatpress

Cross-site Scripting XSS - Reflected in GitHub repository flatpressblog/flatpress prior to 1.3...

CVE-2023-1106 Cross-site Scripting (XSS) - Reflected in flatpressblog/flatpress

Cross-site Scripting XSS - Reflected in GitHub repository flatpressblog/flatpress prior to 1.3...