10 matches found
CVE-2025-12203
A weakness has been identified in givanz Vvveb up to 1.0.7.3. This issue affects the function sanitizeFileName of the file system/functions.php of the component Code Editor. Executing a manipulation of the argument File can lead to path traversal. The attack can be launched remotely. The exploit...
CVE-2024-12203
The RSS Icon Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘linkcolor’ parameter in all versions up to, and including, 5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...
CVE-2024-12203
creationtimestamp | type | source
---|---|---
2025-01-17 07:02:40+00:00 | seen | https://infosec.exchange/users/cve/statuses/113842412560283053
2025-01-17 07:15:46+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lfwaqy4j4e2b
2025-01-17 07:38:55+00:00 | seen | ...
CVE-2024-12203 RSS Icon Widget <= 5.2 - Authenticated (Administrator+) Stored Cross-Site Scripting
The RSS Icon Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘linkcolor’ parameter in all versions up to, and including, 5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level...
CVE-2019-12203
SilverStripe 4.3.3 (and earlier) is affected by a session-fixation issue in the Change Password form. Multiple sources (NVD entry CVE-2019-12203, Red Hat advisory, Veracode, OSV, GHSA, and CVE lists) describe that the application does not regenerate the session ID in this flow, enabling a potenti...
CVE-2019-12203: Session fixation in "change password" form
More info at https://www.silverstripe.org/download/security-releases/cve-2019-12203/...
Intel Firmware 2018.4 QSR Advisory
Summary: Multiple potential security vulnerabilities in Intel firmware may allow for escalation of privilege, information disclosure or denial of service. Intel is releasing firmware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2018-12201 Description:...
CVE-2018-12203
CVE-2018-12203 is a Denial of Service vulnerability in Intel Platform Sample/Silicon Reference firmware for 8th/7th Gen Intel Core processors. The available connected sources indicate it could allow a privileged user to potentially execute arbitrary code via local access. Intel’s advisory INTEL-S...
zumiez.com XSS vulnerability
Vulnerable URL: http://www.zumiez.com/catalogsearch/result/?q==&cfwaftk=012780002nNsrBLKf5TfCKtTRooUGBps3rqI

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 30.07.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | 12203
VIP website status...