CVE-2026-11408

creationtimestamp| type| source ---|---|--- 2026-06-06 12:45:21+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnmonbhchn2w...

CVE-2025-11408

creationtimestamp| type| source ---|---|--- 2025-10-07 20:48:27+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115334847281869852...

Linux Distros Unpatched Vulnerability : CVE-2017-11408

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Wireshark 2.2.0 to 2.2.7 and 2.0.0 to 2.0.13, the AMQP dissector could crash. This was addressed in epan/dissectors/packet-amqp.c by checking for successful...

WordPress Slotti Ajanvaraus Plugin <= 1.3.0 is vulnerable to Cross Site Scripting (XSS)

Software Slotti Ajanvaraus Type Plugin Vulnerable versions = 1.3.0 Fixed in 1.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-11408 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 902f4a77f5fc Credits SOPROBRO Required...

CVE-2024-11408

creationtimestamp| type| source ---|---|--- 2024-11-23 04:52:57+00:00| seen| https://infosec.exchange/users/cve/statuses/113530475419129493...

CVE-2024-11408 Slotti Ajanvaraus <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Slotti Ajanvaraus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'slotti' shortcode in all versions up to, and including, 1.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2020-11408

...

CVE-2020-11408

This CVE entry is rejected/not used; it does not represent an active vulnerability entry.

CVE-2019-11408

XSS in app/operatorpanel/indexinc.php in the Operator Panel module in FusionPBX 4.4.3 allows remote unauthenticated attackers to inject arbitrary JavaScript characters by placing a phone call using a specially crafted caller ID number. This can further lead to remote code execution by chaining th...

CVE-2019-11408

FusionPBX 4.4.3 is affected by CVE-2019-11408 (XSS) in the Operator Panel’s app/operator_panel/index_inc.php. An unauthenticated attacker can inject JavaScript by crafting the Caller ID/From field during a call, which is stated to chain into remote code execution via a second vulnerability (CVE-2...

FusionPBX 4.4.3 Remote Command Execution

Exploit Title: FusionPBX = 4.4.3 Command Injection RCE via XSS Date: 06-11-2019 Exploit Author: Dustin Cobb Vendor Homepage: https://www.fusionpbx.com Software Link: https://https://github.com/fusionpbx/fusionpbx Version: = 4.4.3 Tested on: Debian 8.11 CVE : CVE-2019-11408 XSS AND CVE-2019-11409...

FusionPBX 4.4.3 - Remote Command Execution

FusionPBX 4.4.3 - Remote Command Execution Exploit Title: FusionPBX = 4.4.3 Command Injection RCE via XSS Date: 06-11-2019 Exploit Author: Dustin Cobb Vendor Homepage: https://www.fusionpbx.com Software Link: https://https://github.com/fusionpbx/fusionpbx Version: = 4.4.3 Tested on: Debian 8.11 C...

FusionPBX 4.4.3 - Remote Command Execution Exploit #RCE

Exploit for php platform in category web applications Exploit Title: FusionPBX = 4.4.3 Command Injection RCE via XSS Date: 06-11-2019 Exploit Author: Dustin Cobb Vendor Homepage: https://www.fusionpbx.com Software Link: https://https://github.com/fusionpbx/fusionpbx Version: = 4.4.3 Tested on:...

FusionPBX 4.4.3 - Remote Command Execution

Exploit Title: FusionPBX = 4.4.3 Command Injection RCE via XSS Date: 06-11-2019 Exploit Author: Dustin Cobb Vendor Homepage: https://www.fusionpbx.com Software Link: https://https://github.com/fusionpbx/fusionpbx Version: = 4.4.3 Tested on: Debian 8.11 CVE : CVE-2019-11408 XSS AND CVE-2019-11409...

[SECURITY] [DLA 1707-1] symfony security update

Package : symfony Version : 2.3.21+dfsg-4+deb8u4 CVE ID : CVE-2017-16652 CVE-2017-16654 CVE-2018-11385 CVE-2018-11408 CVE-2018-14773 CVE-2018-19789 CVE-2018-19790 Several security vulnerabilities have been discovered in symfony, a PHP web application framework. Numerous symfony components are...

Debian: Security Advisory (DLA-1707-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 28 : php-symfony4 (2018-96d770ddc9)

Version 4.0.11 2018-05-25 - bug 27364 DI Fix bad exception on uninitialized references to non-shared services nicolas-grekas - bug 27359 HttpFoundation Fix perf issue during MimeTypeGuesser intialization nicolas-grekas - security cve-2018-11408 SecurityBundle Fail if security.httputils cannot be...

Fedora 28 : php-symfony3 (2018-ba0b683c10)

Version 3.4.11 2018-05-25 - bug 27364 DI Fix bad exception on uninitialized references to non-shared services nicolas-grekas - bug 27359 HttpFoundation Fix perf issue during MimeTypeGuesser intialization nicolas-grekas - security cve-2018-11408 SecurityBundle Fail if security.httputils cannot be...

Fedora Update for php-symfony3 FEDORA-2018-6f3ceeb7cb

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 27 : php-symfony (2018-2bdfc9dc67)

2.8.42 2018-06-25 - bug 27669 Filesystem fix file lock on SunOS fritzmg - bug 27309 Fix surrogate not using original request Toflar - bug 27630 ValidatorForm Remove BOM in some xlf files gautierderuette - bug 27591 VarDumper Fix dumping ArrayObject and ArrayIterator instances nicolas-grekas - bug...