13 matches found
EUVD-2017-2836
Malware in sbrugna...
CVE-2020-11180
Out of bound access in computer vision control due to improper validation of command length before processing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile...
CVE-2019-11180
Insufficient input validation in IntelR Baseboard Management Controller firmware may allow an unauthenticated user to potentially enable denial of service via network access...
CVE-2017-11180
FineCMS through 2017-07-11 has stored XSS in the logging functionality, as demonstrated by an XSS payload in 1 the User-Agent header of an HTTP request or 2 the username entered on the login screen...
CVE-2024-11180 ElementsKit Elementor addons <= 3.4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Timer Widget ekitcountdowntimertitle parameter in all versions up to, and including, 3.4.7 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2024-11180 ElementsKit Elementor addons <= 3.4.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
The ElementsKit Elementor addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Timer Widget ekitcountdowntimertitle parameter in all versions up to, and including, 3.4.7 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2019-11180
creationtimestamp| type| source ---|---|--- 2024-02-14 13:56:22+00:00| seen| https://t.me/ctinow/184635...
CVE-2020-11180
The CVE-2020-11180 issue is an out-of-bounds access in Snapdragon computer vision controls caused by improper validation of command length before processing. Affected components include Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT and Mobile; the root cause is input length...
CVE-2019-11180
CVE-2019-11180 is an Intel® BMC firmware vulnerability involving insufficient input validation that may allow an unauthenticated user to cause a denial of service via network access . Multiple connected documents corroborate the issue and its impact, including Intel’s advisory, Red Hat, and SUSE ...
CVE-2018-11180
CVE-2018-11180 is a vulnerability in the Quest DR Series CloudPortal registration path where the registrationCode parameter is unsafely used to build a command line. The CoreLabs advisory and PoC details show an attacker can trigger remote command execution by crafting the registrationCode in a r...
CVE-2018-11180
Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection issue 38 of 46...
Design/Logic Flaw
FineCMS through 2017-07-12 allows XSS in visitors.php because JavaScript in visited URLs is not restricted either during logging or during the reading of logs, a different vulnerability than CVE-2017-11180...
CVE-2017-11180
CVE-2017-11180 affects FineCMS up to 2017-07-11; the issue is a stored XSS in the logging functionality. The payloads demonstrated involve (1) the User-Agent header of HTTP requests and (2) the username entered on the login screen. The root cause is that log processing allows XSS content to be st...