13 matches found
RockyLinux 9 : xorg-x11-server-Xwayland (RLSA-2026:11369)
The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:11369 advisory. xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling CVE-2026-33999 xorg: xwayland: X.Org X server:...
CVE-2025-11369
creationtimestamp| type| source ---|---|--- 2025-12-17 08:04:36+00:00| seen| https://gist.github.com/Darkcrai86/57d4274086349616d0c1517df1462cf5...
CVE-2018-11369
An issue was discovered in PbootCMS v1.0.9. There is a SQL Injection that can get important information from the database via the \apps\home\controller\ParserController.php scode parameter...
CVE-2024-11369
creationtimestamp| type| source ---|---|--- 2025-01-07 05:30:13+00:00| seen| https://infosec.exchange/users/cve/statuses/113785425925136481 2025-01-07 05:33:49+00:00| seen| https://infosec.exchange/users/cve/statuses/113785440083941138 2025-01-07 05:39:03+00:00| published-proof-of-concept|...
CVE-2024-11369 Store credit / Gift cards for woocommerce <= 1.0.49.46 - Reflected Cross-Site Scripting
The Store credit / Gift cards for woocommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'coupon', 'startdate', and 'enddate' parameters in all versions up to, and including, 1.0.49.46 due to insufficient input sanitization and output escaping. This makes it...
CVE-2024-11369
CVE-2024-11369 affects the WordPress plugin Store credit / Gift cards for WooCommerce (Store credit for WooCommerce). It is a Reflected Cross-Site Scripting vulnerability exploitable via the coupon, start_date, and end_date parameters in all versions up to 1.0.49.46, caused by insufficient input ...
CVE-2024-11369 Store credit / Gift cards for woocommerce <= 1.0.49.46 - Reflected Cross-Site Scripting
The Store credit / Gift cards for woocommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'coupon', 'startdate', and 'enddate' parameters in all versions up to, and including, 1.0.49.46 due to insufficient input sanitization and output escaping. This makes it...
CVE-2020-11369
CVE-2020-11369 is rejected/not used and does not represent an active vulnerability entry.
CVE-2020-11369
...
CVE-2021-27249
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. The issue result...
CVE-2019-11369
Carel pCOWeb devices before B1.2.4 store cleartext passwords in /config/pw_changeusers.html, enabling local disclosure of sensitive credentials to someone with device access. The vulnerability is documented across multiple sources (NVD and Red Hat CVE pages) with high impact on confidentiality an...
CVE-2018-11369
An issue was discovered in PbootCMS v1.0.9. There is a SQL Injection that can get important information from the database via the \apps\home\controller\ParserController.php scode parameter...
CVE-2018-11369
PbootCMS v1.0.9 is affected by CVE-2018-11369. The vulnerability is a SQL injection in the ParserController.php, triggered via the scode parameter under apps/home/controller. The underlying issue is unsafe handling of the scode input, enabling an attacker to retrieve data from the database. Docum...