CVE-2025-11846

A null pointer dereference vulnerability in the account settings CGI program of the Zyxel VMG3625-T50B firmware versions through 5.50ABPM.9.6C0 and the Zyxel WX3100-T0 firmware versions through 5.50ABVL.4.8C0 could allow an authenticated attacker with administrator privileges to trigger a...

EUVD-2017-11846

Malware in sbrugna...

CVE-2024-11846

The does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-11846

The does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-11846

creationtimestamp| type| source ---|---|--- 2025-01-01 06:03:05+00:00| seen| https://infosec.exchange/users/cve/statuses/113751581349312596 2025-01-01 06:15:41+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lenvwt22uf25 2025-01-01 08:08:23+00:00| seen|...

CVE-2024-11846 Travel Tour < 5.2.4 - Reflected XSS

The does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2020-11846

creationtimestamp| type| source ---|---|--- 2024-08-21 16:34:23+00:00| seen| https://t.me/cvedetector/3771...

CVE-2019-11846

CVE-2019-11846 affects dotCMS 5.1.1 via the upload endpoint /servlets/ajax_file_upload?fieldName=binary3, enabling HTML Injection/XSS. Root cause: input handling in the upload path allows injected HTML/JS to be stored or reflected. Impact per sources: cross-site scripting with partial integrity i...

dotCMS 5.1.1 - HTML Injection

dotCMS 5.1.1 - HTML Injection Exploit Title: dotCMS 5.1.1 - HTML Injection Date: 2019-05-09 Exploit Author: Ismail Tasdelen Vendor Homepage: https://dotcms.com/ Software Link: https://github.com/dotCMS Software: dotCMS Product Version: 5.1.1 Vulernability Type: Code Injection Vulenrability: HTML...

dotCMS 5.1.1 - HTML Injection

Exploit Title: dotCMS 5.1.1 - HTML Injection Date: 2019-05-09 Exploit Author: Ismail Tasdelen Vendor Homepage: https://dotcms.com/ Software Link: https://github.com/dotCMS Software: dotCMS Product Version: 5.1.1 Vulernability Type: Code Injection Vulenrability: HTML Injection and Cross-site...

dotCMS 5.1.1 - HTML Injection Vulnerability

Exploit for jsp platform in category web applications Exploit Title: dotCMS 5.1.1 - HTML Injection Exploit Author: Ismail Tasdelen Vendor Homepage: https://dotcms.com/ Software Link: https://github.com/dotCMS Software: dotCMS Product Version: 5.1.1 Vulernability Type: Code Injection Vulenrability...

dotCMS 5.1.1 HTML Injection

Exploit Title: dotCMS 5.1.1 - HTML Injection Date: 2019-05-09 Exploit Author: Ismail Tasdelen Vendor Homepage: https://dotcms.com/ Software Link: https://github.com/dotCMS Software: dotCMS Product Version: 5.1.1 Vulernability Type: Code Injection Vulenrability: HTML Injection and Cross-site...

CVE-2018-11846

The use of a non-time-constant memory comparison operation can lead to timing/side channel attacks in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 845, SD 850...

CVE-2018-11846

The use of a non-time-constant memory comparison operation can lead to timing/side channel attacks in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 845, SD 850...

CVE-2018-11846

The CVE-2018-11846 entry affects Snapdragon Mobile: SD 210/SD 212/SD 205, SD 845, and SD 850. The root cause is a non-time-constant memory comparison operation that can create timing/side-channel attacks. Exploitation details are not provided in the documents; there is no public exploit informati...

Memory corruption

ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an...

Memory corruption

Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current...

CVE-2017-11846

ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows...

Memory corruption

ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an...

Memory corruption

ChakraCore and Microsoft Edge in Windows 10 1709 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from...