Eyou E-Mail <3.6 - Remote Code Execution

Eyou Mail System before 3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to admin/domain/iploginset/diploginget.php via the getloginipconfigfile function. id: CVE-2014-1203 info: name: Eyou E-Mail 3.6 - Remote Code Execution author: pikpik...

ECHO-1203-94CA-1CEE

Bulletin has no description...

CVE-2026-1203

creationtimestamp| type| source ---|---|--- 2026-01-20 02:26:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mct47czlsa2g...

CVE-2026-1203 CRMEB JSON Token LoginServices.php remoteRegister improper authentication

A weakness has been identified in CRMEB up to 5.6.3. The impacted element is the function remoteRegister of the file crmeb/app/services/user/LoginServices.php of the component JSON Token Handler. Executing a manipulation of the argument uid can lead to improper authentication. The attack may be...

EUVD-2022-45233

Malicious code in bioql PyPI...

EUVD-2022-1203

Malicious code in bioql PyPI...

CVE-2023-1203

Improper removal of sensitive data in the entry edit feature of Hub Business submodule in Devolutions Remote Desktop Manager PowerShell Module 2022.3.1.5 and earlier allows an authenticated user to access sensitive data on entries that were edited using the affected submodule...

CVE-2016-1203

Improper file verification vulnerability in SaAT Netizen installer ver.1.2.0.424 and earlier, and SaAT Netizen ver.1.2.0.8 Build427 and earlier allows a remote unauthenticated attacker to conduct a man-in-the-middle attack. A successful exploitation may result in a malicious file being downloaded...

WordPress Slider, Gallery, Carousel by MetaSlider plugin < 3.95.0 - Editor+ Stored XSS vulnerability

Editor+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Responsive Slider by MetaSlider versions 3.95.0...

CVE-2025-1203

The Slider, Gallery, and Carousel by MetaSlider WordPress plugin before 3.95.0 does not sanitise and escape some of its settings, which could allow high privilege users such as editor to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example ...

CVE-2025-1203

creationtimestamp| type| source ---|---|--- 2025-03-24 08:22:00+00:00| seen| https://t.me/cvedetector/20936 2025-03-24 10:34:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ll4kmoujdd26...

CVE-2025-1203

CVE-2025-1203 – MetaSlider Slider, Gallery, and Carousel (WordPress) ≤ 3.94.0 Issue: The Slider, Gallery, and Carousel by MetaSlider plugin does not sufficiently sanitize/escape certain settings, enabling Stored XSS by high-privilege users (e.g., editors) even when unfiltered_html is disallowed (...

CVE-2025-1203 Slider, Gallery, Carousel by MetaSlider < 3.95.0 - Editor+ Stored XSS

The Slider, Gallery, and Carousel by MetaSlider WordPress plugin before 3.95.0 does not sanitise and escape some of its settings, which could allow high privilege users such as editor to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example ...

CVE-2023-1203

creationtimestamp| type| source ---|---|--- 2025-03-08 04:34:10+00:00| seen| Telegram/kMKq5zKvDIdYYLNtnmn9i08AYJArG59OufZX5JjO20FLWL...

CVE-2024-1203

The Conversios – Google Analytics 4 GA4, Meta Pixel & more Via Google Tag Manager For WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'valueData' parameter in all versions up to, and including, 7.0.7 due to insufficient escaping on the user supplied parameter and lack of...

WordPress Conversios.io Plugin <= 7.0.7 is vulnerable to SQL Injection

Software Conversios.io Type Plugin Vulnerable versions = 7.0.7 Fixed in 7.0.8 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-1203 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 047c3aed63ee Credits Krzysztof Zając Required privilege Subscriber...

CVE-2024-1203

CVE-2024-1203 involves the Conversios – Google Analytics 4 (GA4), Meta Pixel & more Via Google Tag Manager For WooCommerce WordPress plugin. The root cause is insufficient escaping and improper preparation of SQL queries in the valueData parameter, enabling authenticated attackers with subscriber...

CVE-2016-1203

creationtimestamp| type| source ---|---|--- 2023-10-31 15:50:57+00:00| seen| https://t.me/cibsecurity/73225...

CVE-2016-1203

Improper file verification vulnerability in SaAT Netizen installer ver.1.2.0.424 and earlier, and SaAT Netizen ver.1.2.0.8 Build427 and earlier allows a remote unauthenticated attacker to conduct a man-in-the-middle attack. A successful exploitation may result in a malicious file being downloaded...

CVE-2016-1203

Improper file verification vulnerability in SaAT Netizen installer ver.1.2.0.424 and earlier, and SaAT Netizen ver.1.2.0.8 Build427 and earlier allows a remote unauthenticated attacker to conduct a man-in-the-middle attack. A successful exploitation may result in a malicious file being downloaded...