CVE-2026-1213

creationtimestamp| type| source ---|---|--- 2026-01-27 17:04:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdgajj2elk26...

CVE-2026-1213

All versions of askbot before and including 0.12.2 allow an attacker authenticated with normal user permissions to modify the profile picture of other application users.This issue affects askbot: 0.12.2...

CVE-2026-1213

All versions of askbot before and including 0.12.2 allow an attacker authenticated with normal user permissions to modify the profile picture of other application users.This issue affects askbot: 0.12.2...

MiracleLinux 8 : python-rtslib-2.1.73-2.el8 (AXEA:2021-1213:01)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXEA:2021-1213:01 advisory. - Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile instead of shutil.copy is used, and thus...

Google Chrome < 4.1.0.21 Multiple Vulnerabilities

The version of Google Chrome installed on the remote Windows host is prior to 4.1.0.21. It is, therefore, affected by multiple vulnerabilities as referenced in the 201503stable-channel-update advisory. - Multiple use-after-free vulnerabilities in core/html/HTMLInputElement.cpp in the DOM...

CVE-2020-1213

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1214, CVE-2020-1215, CVE-2020-1216, CVE-2020-1230, CVE-2020-1260...

CVE-2025-1213

A vulnerability was found in pihome-shc PiHome 1.77. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument $SERVER'PHPSELF' leads to cross site scripting. The attack may be launched remotely. The exploit has...

CVE-2025-1213

CVE-2025-1213 affects PiHome 1.77. The vulnerability is a cross-site scripting (XSS) in an unknown functionality of /index.php triggered by manipulating the argument $_SERVER['PHP_SELF']. The attack can be launched remotely and the exploit has been disclosed publicly. Concrete details across conn...

CVE-2025-1213 pihome-shc PiHome index.php cross site scripting

A vulnerability was found in pihome-shc PiHome 1.77. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument $SERVER'PHPSELF' leads to cross site scripting. The attack may be launched remotely. The exploit has...

CVE-2025-1213 pihome-shc PiHome index.php cross site scripting

A vulnerability was found in pihome-shc PiHome 1.77. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /index.php. The manipulation of the argument $SERVER'PHPSELF' leads to cross site scripting. The attack may be launched remotely. The exploit has...

CVE-2022-1213

SSRF filter bypass port 80, 433 in GitHub repository livehelperchat/livehelperchat prior to 3.67v. An attacker could make the application perform arbitrary requests, bypass CVE-2022-1191...

CVE-2024-1213 Easy Social Feed <= 6.5.4 - Cross-Site Request Forgery

The Easy Social Feed – Social Photos Gallery – Post Feed – Like Box plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 6.5.4. This is due to missing or incorrect nonce validation on the esfinstasaveaccesstoken and efblsavefacebookaccesstoken...

CVE-2024-1213

The Easy Social Feed – Social Photos Gallery – Post Feed – Like Box WordPress plugin is affected by a CSRF vulnerability (CVE-2024-1213) affecting all versions up to 6.5.4, caused by missing or incorrect nonce validation in esf_insta_save_access_token and efbl_save_facebook_access_token. This ena...

WordPress Easy Social Feed Plugin <= 6.5.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Easy Social Feed Type Plugin Vulnerable versions = 6.5.4 Fixed in 6.5.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1213 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 08e633917104 Credits Eldar Zeynalli...

openSUSE: Security Advisory for chromium (openSUSE-SU-2023:0068-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 38 : alsa-plugins / attract-mode / audacious-plugins / blender / etc (2023-a5e10b188a)

The remote Fedora 38 host has packages installed that are affected by multiple vulnerabilities as referenced in the FEDORA-2023-a5e10b188a advisory. FFmpeg 6.0 upgrade. ---- update to 111.0.5563.64. Fixes the following security issues: CVE-2023-0927 CVE-2023-0928 CVE-2023-0929 CVE-2023-0930...

openSUSE 15 Security Update : opera (openSUSE-SU-2023:0114-1)

The remote openSUSE 15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2023:0114-1 advisory. - Use after free in Swiftshader in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a...

Mageia: Security Advisory (MGASA-2023-0090)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 36 : chromium (2023-015e4d696d)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-015e4d696d advisory. update to 111.0.5563.64. Fixes the following security issues: CVE-2023-0927 CVE-2023-0928 CVE-2023-0929 CVE-2023-0930 CVE-2023-0931 CVE-2023-0932...

Microsoft Edge (Chromium-Based) Multiple Vulnerabilities (Mar 2023)

This host is missing an important security update according to Microsoft Edge Chromium-Based updates. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...