13 matches found
CVE-2020-13121
Submitty through 20.04.01 has an open redirect via authentication/login?old= during an invalid login attempt...
WordPress ProfilePress Plugin < 4.15.20 Multiple XSS Vulnerabilities
The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:properfraction:profilepress"; if description...
CVE-2024-13121 Paid Membership Plugin < 4.15.20 - Admin+ Stored XSS
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.15.20 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even wh...
CVE-2024-13121
The CVE-2024-13121 entry concerns the WordPress Paid Membership Plugin (and related components) prior to version 4.15.20. The root cause is insufficient sanitisation/escaping of certain plugin settings, enabling stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disall...
CVE-2020-13121
Submitty up to version 20.04.01 contains an open redirect vulnerability triggered by an invalid login attempt via authentication/login?old=. The issue can redirect users to a malicious site, with potential for phishing or credential harvesting. Technical details in connected documents show affect...
CVE-2019-13121
An issue was discovered in GitLab Enterprise Edition 10.6 through 12.0.2. The GitHub project integration was vulnerable to an SSRF vulnerability which allowed an attacker to make requests to local network resources. It has Incorrect Access Control...
CVE-2019-13121
An issue was discovered in GitLab Enterprise Edition 10.6 through 12.0.2. The GitHub project integration was vulnerable to an SSRF vulnerability which allowed an attacker to make requests to local network resources. It has Incorrect Access Control...
CVE-2019-13121
GitLab Enterprise Edition 10.6–12.0.2 contains an SSRF vulnerability in the GitHub project integration (incorrect access control) that allows requests to local network resources. Affected component: GitHub integration in GitLab EE; impact includes potential access to internal resources. Exploitat...
CVE-2017-13121
...
CVE-2017-13121
CVE-2017-13121 is rejected/not used; this entry does not represent an active vulnerability.
CVE-2018-13121
RealOne Player 2.0 Build 6.0.11.872 allows remote attackers to cause a denial of service (array out-of-bounds access and application crash) via a crafted .aiff file...
CVE-2018-13121
CVE-2018-13121 affects RealOne Player 2.0 Build 6.0.11.872, where processing a specially crafted .aiff file can cause a denial of service via array out-of-bounds access, resulting in an application crash. The entry documents this vulnerability and provides CVSS metrics (CVSS2: 4.3/10; CVSS3: 5.5/...
Fedora Core 10 FEDORA-2009-13121 (ntp)
The remote host is missing an update to ntp announced via advisory FEDORA-2009-13121. OpenVAS Vulnerability Test $Id: fcore200913121.nasl 6624 2017-07-10 06:11:55Z cfischer $ Description: Auto-generated from advisory FEDORA-2009-13121 ntp Authors: Thomas Reinke Copyright: Copyright (c) 2009 E-Soft...