15 matches found
CVE-2025-11583
A flaw has been found in code-projects Online Job Search Engine 1.0. Impacted is an unknown function of the file /postjob.php. Executing manipulation of the argument txtjobID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...
CVE-2025-11583 code-projects Online Job Search Engine postjob.php sql injection
A flaw has been found in code-projects Online Job Search Engine 1.0. Impacted is an unknown function of the file /postjob.php. Executing manipulation of the argument txtjobID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...
CVE-2024-11583
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'removezippedfont' function in all versions up to, and including, 1.5.9. This makes it possible for...
CVE-2024-11583
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'removezippedfont' function in all versions up to, and including, 1.5.9. This makes it possible for...
CVE-2024-11583 Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.5.9 - Missing Authorization to Icon Font Deletion
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'removezippedfont' function in all versions up to, and including, 1.5.9. This makes it possible for...
CVE-2024-11583
CVE-2024-11583 (Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg) affects Borderless versions up to and including 1.5.9. The vulnerability is a missing capability check in the remove_zipped_font function, enabling authenticated attackers with Subscriber-level access...
CVE-2024-11583 Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg <= 1.5.9 - Missing Authorization to Icon Font Deletion
The Borderless – Widgets, Elements, Templates and Toolkit for Elementor & Gutenberg plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'removezippedfont' function in all versions up to, and including, 1.5.9. This makes it possible for...
CVE-2020-11583
creationtimestamp| type| source ---|---|--- 2020-08-04 00:55:10+00:00| seen| https://t.me/cibsecurity/13848...
CVE-2020-11583
A GET-based XSS reflected vulnerability in Plesk Obsidian 18.0.17 allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter...
CVE-2020-11583
CVE-2020-11583 affects Plesk Obsidian 18.0.17 with a GET-based reflected XSS. The vulnerability allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter. The available connected documents corroborate a client-side data handling flaw in the Plesk Obsidia...
Atlassian JIRA < 7.13.4 / 8.0.x < 8.1.0 Epic Name DoS (SB19-182)
According to its self-reported version number, the instance of Atlassian JIRA hosted on the remote web server is potentially affected by a unspecified flaw in 'Epic Name' ordering operations. A remote, authenticated attacker could cause a denial of service. %NASLMINLEVEL 70300 C Tenable Network...
CVE-2019-11583
The issue searching component in Jira before version 8.1.0 allows remote attackers to deny access to Jira service via denial of service vulnerability in issue search when ordering by "Epic Name"...
CVE-2019-11583
CVE-2019-11583 affects Atlassian Jira: the issue searching component is vulnerable in Jira versions before 8.1.0, allowing remote attackers to deny access to Jira service via a denial-of-service in issue search when ordering by Epic Name. Connected sources confirm affected products/versions and t...
CVE-2018-11583
CVE-2018-11583 affects SeaCMS 6.61, with a stored XSS in admin_collect.php via the siteurl parameter. Root cause per records is unescaped/sanitized input in siteurl leading to script injection. NVD metrics indicate confidentiality impact NONE and integrity impact PARTIAL (availability NONE); user...
CVE-2017-11583
FineCMS 5.0.9 has a SQL injection in libraries/Template.php via the catid parameter in an action=related request. Impact per CNVD/NVD records includes potential disclosure of all databases. No patch version or remediation is explicitly provided in the connected documents. Exploitation details are...