CVE-2020-12811

An improper neutralization of script-related HTML tags in a web page in FortiManager 6.2.0, 6.2.1, 6.2.2, and 6.2.3and FortiAnalyzer 6.2.0, 6.2.1, 6.2.2, and 6.2.3 may allow an attacker to execute a cross site scripting XSS via the Identify Provider name field...

SUSE CVE-2025-5269

Memory safety bug present in Firefox ESR 128.10, and Thunderbird 128.10. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox ESR 128.11 and Thunderbird 128.11...

CVE-2024-12811 Traveler <= 3.1.8 - Authenticated (Contributor+) Local File Inclusion via Shortcode

The Traveler theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.1.8 via the 'hotelaloneslider' shortcode 'style' attribute. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute...

CVE-2020-12811

An improper neutralization of script-related HTML tags in a web page in FortiManager 6.2.0, 6.2.1, 6.2.2, and 6.2.3and FortiAnalyzer 6.2.0, 6.2.1, 6.2.2, and 6.2.3 may allow an attacker to execute a cross site scripting XSS via the Identify Provider name field...

CVE-2020-12811

Fortinet FortiManager 6.2.0/6.2.1/6.2.2/6.2.3 and FortiAnalyzer 6.2.0/6.2.1/6.2.2/6.2.3 are affected by CVE-2020-12811 due to improper neutralization of script-related HTML tags, enabling cross-site scripting via the Identify Provider name field. Root cause: script tags not correctly sanitized in...

CVE-2020-12811

An improper neutralization of script-related HTML tags in a web page in FortiManager 6.2.0, 6.2.1, 6.2.2, and 6.2.3and FortiAnalyzer 6.2.0, 6.2.1, 6.2.2, and 6.2.3 may allow an attacker to execute a cross site scripting XSS via the Identify Provider name field...

CVE-2019-12811

ActiveX Control in MyBuilder before 6.2.2019.814 allow an attacker to execute arbitrary command via the ShellOpen method. This can be leveraged for code execution...

CVE-2019-12811

CVE-2019-12811 affects the ActiveX Control in MyBuilder prior to version 6.2.2019.814. The underlying issue is that the ShellOpen method can be abused to execute arbitrary commands, enabling code execution. The Red Hat entry reiterates the same flaw and impacts, but the provided documents do not ...

CVE-2018-12811

Adobe Photoshop CC 2018 before 19.1.6 and Photoshop CC 2017 before 18.1.6 contain a memory corruption vulnerability (CVE-2018-12811) that could lead to remote code execution when exploited. Public sources confirm updates to address both CVE-2018-12810 and CVE-2018-12811 by upgrading to Photoshop ...

CVE-2018-12811

creationtimestamp| type| source ---|---|--- 2018-08-23 12:22:59+00:00| seen| https://t.me/informationsecuritychannel/19653...

Adobe Issues Emergency Patches for Critical Flaws in Photoshop CC

Adobe released an out-of-band security update earlier today to address two critical remote code execution vulnerabilities impacting Adobe Photoshop CC for Microsoft Windows and Apple macOS machines. According to the security advisory published Wednesday by Adobe, its Photoshop CC software is...

CVE-2017-12811

PHPJabbers Star Rating Script 4.0 has stored XSS via a rating item...

CVE-2017-12811

Summary of CVE-2017-12811 : PHPJabbers Star Rating Script 4.0 is affected by a stored cross-site scripting (XSS) vulnerability via a rating item. The CVE entry confirms the issue but does not provide explicit exploit details, affected file paths, or versions beyond 4.0 in the description. Connect...

3Com 3CDaemon 2.0 FTP Username Overflow

This module exploits a vulnerability in the 3Com 3CDaemon FTP service. This package is being distributed from the 3Com web site and is recommended in numerous support documents. This module uses the USER command to trigger the overflow. This module requires Metasploit:...