18 matches found
Contentful <=2020-05-21 - Cross-Site Scripting
Contentful through 2020-05-21 for Python contains a reflected cross-site scripting vulnerability via the api parameter to the-example-app.py. id: CVE-2020-13258 info: name: Contentful alert...
CVE-2025-13258
A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is an unknown function of the file /goform/WifiExtraSet. The manipulation of the argument wpapskcrypto results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used...
CVE-2025-13258
creationtimestamp| type| source ---|---|--- 2025-11-17 03:16:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m5sb4mmpj72q 2025-11-17 09:02:08+00:00| seen| https://infosec.exchange/users/offseq/statuses/115564224606265170 2025-11-18 17:49:38+00:00| seen|...
CVE-2025-13258
A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is an unknown function of the file /goform/WifiExtraSet. The manipulation of the argument wpapskcrypto results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used...
Linux Distros Unpatched Vulnerability : CVE-2018-13258
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mediawiki 1.31 before 1.31.1 misses .htaccess files in the provided tarball used to protect some directories that shouldn't be web accessible. CVE-2018-13258 No...
CVE-2019-13258
XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000328165...
CVE-2024-13258
Incorrect Authorization vulnerability in Drupal Drupal REST & JSON API Authentication allows Forceful Browsing.This issue affects Drupal REST & JSON API Authentication: from 0.0.0 before 2.0.13...
CVE-2024-13258
creationtimestamp| type| source ---|---|--- 2025-01-09 19:13:03+00:00| seen| https://infosec.exchange/users/cve/statuses/113799986053818546 2025-01-09 19:15:31+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1021 2025-01-09 19:16:28+00:00| seen|...
CVE-2024-13258 Drupal REST & JSON API Authentication - Moderately critical - Access bypass - SA-CONTRIB-2024-022
Incorrect Authorization vulnerability in Drupal Drupal REST & JSON API Authentication allows Forceful Browsing.This issue affects Drupal REST & JSON API Authentication: from 0.0.0 before 2.0.13...
CVE-2024-13258
Summary: CVE-2024-13258 is an Incorrect Authorization issue in the Drupal REST & JSON API Authentication module that allows forceful browsing. Affected software: Drupal REST & JSON API Authentication module (versions 0.0.0 through 2.0.12). Root cause/impact: Insufficient access control could bypa...
CVE-2024-13258 Drupal REST & JSON API Authentication - Moderately critical - Access bypass - SA-CONTRIB-2024-022
Incorrect Authorization vulnerability in Drupal Drupal REST & JSON API Authentication allows Forceful Browsing.This issue affects Drupal REST & JSON API Authentication: from 0.0.0 before 2.0.13...
CVE-2020-13258
CVE-2020-13258 affects Contentful for Python up to 2020-05-21, where the vulnerability resides in a reflected XSS via the api parameter to the-example-app.py. The issue arises in how input is reflected in the browser, enabling an attacker to execute malicious scripts in the victim’s context and p...
CVE-2019-13258
CVE-2019-13258 affects XnView Classic 2.48 . The vulnerability is described as a User Mode Write AV starting at xnview+0x0000000000328165. Connected sources reiterate the same product/version and the issue type; no additional exploit details, affected subcomponents, or remediation steps are provi...
CVE-2018-13258
Mediawiki 1.31 before 1.31.1 misses .htaccess files in the provided tarball used to protect some directories that shouldn't be web accessible...
CVE-2018-13258
CVE-2018-13258 affects MediaWiki 1.31 prior to 1.31.1. The issue is that the tarball provided for distribution omits .htaccess files, which are intended to protect certain directories from public web access. As a result, directories that should not be web-accessible may be exposed. The vulnerabil...
[ASA-201809-5] mediawiki: multiple issues
Arch Linux Security Advisory ASA-201809-5 ========================================= Severity: Medium Date : 2018-09-25 CVE-ID : CVE-2018-0503 CVE-2018-0505 CVE-2018-13258 Package : mediawiki Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-765 Summary ======= The...
CVE-2017-13258
In bnepdataind of bnepmain.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0...
CVE-2017-13258
CVE-2017-13258 affects Android Bluetooth BNEP: a missing bounds check in bnep_data_ind() within bnep_main.cc can trigger an out-of-bounds read, enabling remote information disclosure without user interaction. Affected Android versions include 5.1.1, 6.0/6.0.1, 7.0, 7.1.1/7.1.2, 8.0, and 8.1 (Andr...