Huawei EulerOS: Security Advisory for python-requests (EulerOS-SA-2026-1294)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2026-1294

The AD Sliding FAQ plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slidingfaq' shortcode in all versions up to, and including, 2.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...

CAN Networks Security in Smart Grids Communication Technologies

The rapid evolution of smart grids requires effective communication protocols to transfer data reliably and securely. Controller Area Network CAN is one of the most recognized protocols that offer reliable data transmission in smart grids due to its robustness, real-time capabilities, and...

CVE-2020-1294

An elevation of privilege vulnerability exists in the way that the Windows WalletService handles objects in memory, aka 'Windows WalletService Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1287...

CVE-2025-1294

creationtimestamp| type| source ---|---|--- 2025-04-24 23:09:19+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13364 2025-04-25 01:30:07+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnm2hdsoapq2 2025-04-25 03:18:21+00:00| seen|...

CVE-2025-1294

CVE-2025-1294 : The eForm - WordPress Form Builder plugin for WordPress is affected by a stored XSS vulnerability in all versions up to and including 4.18.0, caused by insufficient input sanitization and output escaping. This allows unauthenticated attackers to inject arbitrary scripts that execu...

WordPress eForm plugin <= 4.18.0 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by shaman0x01 in WordPress Plugin eForm - WordPress Form Builder versions = 4.18.0...

CVE-2013-1294

creationtimestamp| type| source ---|---|--- 2025-01-16 20:55:59+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2041...

CVE-2024-1294

creationtimestamp| type| source ---|---|--- 2024-03-03 16:51:23+00:00| seen| https://t.me/ctinow/198825...

CVE-2024-1294

The Sunshine Photo Cart: Free Client Galleries for Photographers WordPress plugin (up to version 3.0.24) is vulnerable to unauthenticated Sensitive Information Exposure via the invoices feature, exposing customer emails and physical addresses. A fix exists in version 3.1+; update to 3.1 or later ...

WordPress Sunshine Photo Cart Plugin <= 3.0.24 is vulnerable to Sensitive Data Exposure

Software Sunshine Photo Cart Type Plugin Vulnerable versions = 3.0.24 Fixed in 3.1 OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-1294 Patch priority Low CVSS severity Low 5.3 Developer WP Sunshine PSID b62f43ca815f Credits Francesco Carlucci Required...

CVE-2023-1294

creationtimestamp| type| source ---|---|--- 2023-03-09 18:20:27+00:00| seen| https://t.me/cibsecurity/59727...

CVE-2023-1294

CVE-2023-1294 affects SourceCodester File Tracker Manager System 1.0. The vulnerability arises in the POST Parameter Handler, specifically the /file_manager/login.php file, where manipulating the username parameter leads to SQL injection. It is exploitable remotely and has been publicly disclosed...

SUSE CVE-2014-1294

WebKit, as used in Apple iOS before 7.1 and Apple TV before 6.1, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption and application crash via a crafted web site, a different vulnerability than CVE-2014-1289, CVE-2014-1290, CVE-2014-1291, CVE-2014-1292...

Security Bulletin: Apache Commons Email as used by IBM QRadar SIEM is vulnerable to information disclosure (CVE-2017-9801, CVE-2018-1294)

Summary Apache Commons Email as used by IBM QRadar SIEM is vulnerable to information disclosure. IBM QRadar SIEM has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2017-9801 DESCRIPTION: Apache Commons Email could allow a remote attacker to inject header data, caused by an error i...

CVE-2022-1294

creationtimestamp| type| source ---|---|--- 2022-05-30 12:18:11+00:00| seen| https://t.me/cibsecurity/43546...

CVE-2022-1294

The IMDB info box WordPress plugin through 2.0 does not sanitize and escape some of its settings, which could allow high-privileged users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2022-1294

The IMDB info box WordPress plugin through 2.0 does not sanitize and escape some of its settings, which could allow high-privileged users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2022-1294 IMDB info box <= 2.0 - Admin+ Stored Cross-Site Scripting

The IMDB info box WordPress plugin through 2.0 does not sanitize and escape some of its settings, which could allow high-privileged users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2022-1294

The CVE-2022-1294 entry concerns the WordPress IMDB info box plugin (versions ≤ 2.0). The vulnerability is a stored Cross-Site Scripting (XSS) flaw caused by inadequate sanitization/escaping of certain settings, allowing high-privileged users to inject JavaScript even when unfiltered_html is disa...