18 matches found
CVE-2024-13055
The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
Linux Distros Unpatched Vulnerability : CVE-2017-13055
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv(). (CVE-2017-13055) Note that Nessus relies on the...
CVE-2024-13055
CVE-2024-13055 affects the Dyn Business Panel WordPress plugin (versions
CVE-2024-13055 Dyn Business Panel <= 1.0.0 - Reflected XSS
The Dyn Business Panel WordPress plugin through 1.0.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2021-34947
The CVE-2021-34947 entry describes a NETGEAR R7800 net-cgi Out-of-Bounds Write Remote Code Execution vulnerability. The flaw is in parsing of the soap_block_table, caused by insufficient validation of user-supplied data, allowing a write past the end of an allocated structure. This enables networ...
CVE-2021-34947 NETGEAR R7800 net-cgi Out-Of-Bounds Write Remote Code Execution Vulnerability
NETGEAR R7800 net-cgi Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists...
CVE-2018-13055
A cross-site scripting (XSS) vulnerability in the View Filters page (view_filters_page.php) in MantisBT 2.1.0 through 2.15.0 allows remote attackers to inject arbitrary code (if CSP settings permit it) through a crafted PATH_INFO...
CVE-2020-13055
CVE-2020-13055 is rejected/not used; this entry does not represent an active vulnerability.
CVE-2018-16514
A cross-site scripting (XSS) vulnerability in the View Filters page (view_filters_page.php) and Edit Filter page (manage_filter_edit_page.php) in MantisBT 2.1.0 through 2.17.0 allows remote attackers to inject arbitrary code (if CSP settings permit it) through a crafted PATH_INFO. NOTE: this vulnerability exis...
Cross site scripting
A cross-site scripting (XSS) vulnerability in the View Filters page (view_filters_page.php) and Edit Filter page (manage_filter_edit_page.php) in MantisBT 2.1.0 through 2.17.0 allows remote attackers to inject arbitrary code (if CSP settings permit it) through a crafted PATH_INFO. NOTE: this vulnerability exis...
Mantis 2.11.1 Cross Site Scripting
Reflected Cross-site Scripting in Mantis 2.11.1. Information: Advisory by Netsparker; Name: Reflected Cross-site Scripting in Mantis 2.11.1; Affected Software: Mantis; Affected Versions: 2.11.1; Homepage: https://www.mantisbt.org/; Vulnerability: Cross-site Scripting; Severity: Mediu...
CVE-2018-13055
CVE-2018-13055 family (MantisBT): The cross-site scripting flaw affects MantisBT 2.1.0–2.15.0 (and related advisories) via PATH_INFO on the View Filters page (view_filters_page.php) and related Edit Filter paths, caused by an incomplete fix for this issue. Connected entries reiterate the same XS...
CVE-2017-13055
The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_is_reach_subtlv()...
Debian: Security Advisory (DSA-3971-1)
The remote host is missing an update for the Debian...