96 matches found
MiracleLinux 7 : setup-2.8.71-10.el7 (AXSA:2019-3677:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-3677:01 advisory. setup: nologin listed in /etc/shells violates security expectations CVE-2018-1113 Tenable has extracted the preceding description block directly from the...
MiracleLinux 7 : sudo-1.8.6p7-20.el7 (AXSA:2016-1113:02)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2016-1113:02 advisory. Sudo (superuser do) allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all...
CVE-2022-1113
The Flower Delivery by Florist One WordPress plugin through 3.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setups)...
CVE-2019-1113
A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka '.NET Framework Remote Code Execution Vulnerability'...
CVE-2008-1113
Cisco Unified Wireless IP Phone 7921, when using Protected Extensible Authentication Protocol (PEAP), does not validate server certificates, which allows remote wireless access points to steal hashed passwords and conduct man-in-the-middle (MITM) attacks...
Linux Distros Unpatched Vulnerability : CVE-2018-1113
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - setup before version 2.11.4-1.fc28 in Fedora and Red Hat Enterprise Linux added /sbin/nologin and /usr/sbin/nologin to /etc/shells. This violates security...
CVE-2025-1113
A vulnerability was found in taisan tarzan-cms up to 1.0.0. It has been rated as critical. This issue affects the function upload of the file /admin#themes of the component Add Theme Handler. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has been...
CVE-2025-1113
creationtimestamp | type | source
---|---|---
2025-02-07 21:38:11+00:00 | seen | https://infosec.exchange/users/cve/statuses/113964763741075536
2025-02-07 22:15:42+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lhmmtjxouz25
2025-02-08 00:41:44+00:00 | seen | ...
CVE-2025-1113 taisan tarzan-cms Add Theme admin#themes upload deserialization
A vulnerability was found in taisan tarzan-cms up to 1.0.0. It has been rated as critical. This issue affects the function upload of the file /admin#themes of the component Add Theme Handler. The manipulation leads to deserialization. The attack may be initiated remotely. The exploit has been...
RHEL 5 : setup (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - setup: nologin listed in /etc/shells violates security expectations CVE-2018-1113 Note that Nessus has not tested f...
openSUSE Security Advisory (SUSE-SU-2024:1113-1)
The remote host is missing an update for the...
RHSA-2024:1113
creationtimestamp | type | source
---|---|---
2024-03-05 16:17:02+00:00 | seen | https://t.me/ctinow/200414...
RHEL 8 : frr (RHSA-2024:1113)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1113 advisory. FRRouting is free software that manages TCP/IP based routing protocols. It supports BGP4, OSPFv2, OSPFv3, ISIS, RIP, RIPng, PIM, NHRP, PBR,...
CVE-2024-1113
CVE-2024-1113 affects openBI up to v1.0.8, targeting the uploadUnity function in /application/index/controller/Unity.php. The root cause is manipulation of the file argument, enabling unrestricted remote file uploads. Multiple sources confirm the vulnerability and its public disclosure. A practic...
Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2024-1113)
The remote host is missing an update for the Huawei EulerOS...
Oracle Linux 7 : bash (ELSA-2020-1113)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-1113 advisory. 4.2.46-34 - BASHCMD should not be writable in restricted shell Resolves: 1693181 Tenable has extracted the preceding description block directly from the Oracle...
Debian: Security Advisory (DSA-2189-1)
The remote host is missing an update for the Debian...
CVE-2023-1113
The CVE-2023-1113 entry concerns SourceCodester Simple Payroll System 1.0, where the POST Parameter Handler’s admin/?page=admin functionality is vulnerable. The root cause is manipulation of the fullname parameter, enabling cross-site scripting (XSS). The attack can be launched remotely (network ...