13 matches found
CVE-2024-12736
The BU Section Editing WordPress plugin through 0.9.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2020-12736
Code42 environments with on-premises server versions 7.0.4 and earlier allow for possible remote code execution. When an administrator creates a local non-SSO user via a Code42-generated email, the administrator has the option to modify content for the email invitation. If the administrator enter...
CVE-2024-12736
creationtimestamp| type| source
---|---|---
2025-01-09 06:15:57+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfbzoofiwo2k
2025-01-09 06:16:29+00:00| seen| https://infosec.exchange/users/cve/statuses/113796932492439394
2025-01-09 06:17:07+00:00| seen|...
CVE-2024-12736
The BU Section Editing WordPress plugin through 0.9.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-12736 BU Section Editing <= 0.9.9 - Reflected XSS
The BU Section Editing WordPress plugin through 0.9.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-12736 BU Section Editing <= 0.9.9 - Reflected XSS
The BU Section Editing WordPress plugin through 0.9.9 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-12736
CVE-2024-12736 affects the BU Section Editing WordPress plugin (up to version 0.9.9). The vulnerability is a Reflected Cross-Site Scripting caused by insufficient sanitization/escaping of a parameter before it is output on the page, enabling an attacker to exploit admin or high-privilege users. T...
Siemens Ruggedcom ROS, SCALANCE Improper Access Control (CVE-2017-12736)
A vulnerability has been identified in RUGGEDCOM ROS for RSL910 devices (All versions < ROS V5.0.1), RUGGEDCOM ROS for all other devices (All versions < ROS V4.3.4), SCALANCE XB-200/XC-200/XP-200/XR300-WG (All versions between V3.0 (including) and V3.0.2 (excluding)), SCALANCE XR-500/XM-400 (All versions betwee...
CVE-2020-12736
creationtimestamp| type| source
---|---|---
2020-07-08 00:55:20+00:00| seen| https://t.me/cibsecurity/13315...
CVE-2020-12736
CVE-2020-12736 affects Code42 on-premises servers (versions 7.0.4 and earlier). The issue arises when an administrator creates a local (non-SSO) user via a Code42-generated invitation email and includes template language in the subject line; the email generation service may interpret that code, l...
CVE-2019-12736
CVE-2019-12736 affects JetBrains Kotlin Ktor framework prior to 1.2.0-rc, where the LDAP username is not sanitized, enabling command injection. Impact described as significant; next steps require upgrading to 1.2.0-rc or 1.2.0 (fixes included). If exploitation details are not provided in the sour...
CVE-2017-12736
After initial configuration, the Ruggedcom Discovery Protocol RCDP is still able to write to the device under certain conditions. This could allow an attacker located in the adjacent network of the targeted device to perform unauthorized administrative actions...
CVE-2017-12736
CVE-2017-12736 affects Siemens Ruggedcom ROS and SCALANCE devices. After initial configuration, the Ruggedcom Discovery Protocol (RCDP) can still write to the device under certain conditions, potentially allowing an attacker in the adjacent network to perform unauthorized administrative actions. ...