Lucene search
K

18 matches found

Nuclei
Nuclei
added 19 hours ago29 views

Contentful <=2020-05-21 - Cross-Site Scripting

Contentful through 2020-05-21 for Python contains a reflected cross-site scripting vulnerability via the api parameter to the-example-app.py. id: CVE-2020-13258 info: name: Contentful alert...

6.1CVSS6.3AI score0.0249EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2025/11/18 2:8 a.m.10 views

CVE-2025-13258

A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is an unknown function of the file /goform/WifiExtraSet. The manipulation of the argument wpapskcrypto results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used...

9CVSS7.2AI score0.00646EPSS
Exploits1References1
Circl
Circl
added 2025/11/17 3:16 a.m.6 views

CVE-2025-13258

creationtimestamp| type| source ---|---|--- 2025-11-17 03:16:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m5sb4mmpj72q 2025-11-17 09:02:08+00:00| seen| https://infosec.exchange/users/offseq/statuses/115564224606265170 2025-11-18 17:49:38+00:00| seen|...

9CVSS8.8AI score0.00646EPSS
Exploits1References3
NVD
NVD
added 2025/11/17 3:15 a.m.6 views

CVE-2025-13258

A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is an unknown function of the file /goform/WifiExtraSet. The manipulation of the argument wpapskcrypto results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used...

9CVSS0.00646EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2025/08/06 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2018-13258

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mediawiki 1.31 before 1.31.1 misses .htaccess files in the provided tarball used to protect some directories that shouldn't be web accessible. CVE-2018-13258 No...

5.3CVSS6.3AI score0.02056EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:7 a.m.10 views

CVE-2019-13258

XnView Classic 2.48 has a User Mode Write AV starting at xnview+0x0000000000328165...

7.8CVSS7AI score0.01215EPSS
Exploits1References1
NVD
NVD
added 2025/01/09 7:15 p.m.16 views

CVE-2024-13258

Incorrect Authorization vulnerability in Drupal Drupal REST & JSON API Authentication allows Forceful Browsing.This issue affects Drupal REST & JSON API Authentication: from 0.0.0 before 2.0.13...

9.8CVSS0.00618EPSS
Exploits0References1
Circl
Circl
added 2025/01/09 7:13 p.m.8 views

CVE-2024-13258

creationtimestamp| type| source ---|---|--- 2025-01-09 19:13:03+00:00| seen| https://infosec.exchange/users/cve/statuses/113799986053818546 2025-01-09 19:15:31+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/1021 2025-01-09 19:16:28+00:00| seen|...

9.8CVSS5.7AI score0.00618EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2025/01/09 7:5 p.m.10 views

CVE-2024-13258 Drupal REST & JSON API Authentication - Moderately critical - Access bypass - SA-CONTRIB-2024-022

Incorrect Authorization vulnerability in Drupal Drupal REST & JSON API Authentication allows Forceful Browsing.This issue affects Drupal REST & JSON API Authentication: from 0.0.0 before 2.0.13...

9.6AI score0.00618EPSS
Exploits0References1
CVE
CVE
added 2025/01/09 7:5 p.m.87 views

CVE-2024-13258

Summary: CVE-2024-13258 is an Incorrect Authorization issue in the Drupal REST & JSON API Authentication module that allows forceful browsing. Affected software: Drupal REST & JSON API Authentication module (versions 0.0.0 through 2.0.12). Root cause/impact: Insufficient access control could bypa...

9.8CVSS6.7AI score0.00618EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/01/09 7:5 p.m.20 views

CVE-2024-13258 Drupal REST & JSON API Authentication - Moderately critical - Access bypass - SA-CONTRIB-2024-022

Incorrect Authorization vulnerability in Drupal Drupal REST & JSON API Authentication allows Forceful Browsing.This issue affects Drupal REST & JSON API Authentication: from 0.0.0 before 2.0.13...

0.00618EPSS
Exploits0References1
CVE
CVE
added 2020/05/21 4:6 p.m.110 views

CVE-2020-13258

CVE-2020-13258 affects Contentful for Python up to 2020-05-21, where the vulnerability resides in a reflected XSS via the api parameter to the-example-app.py. The issue arises in how input is reflected in the browser, enabling an attacker to execute malicious scripts in the victim’s context and p...

6.1CVSS6.2AI score0.0249EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/07/04 3:6 p.m.44 views

CVE-2019-13258

CVE-2019-13258 affects XnView Classic 2.48 . The vulnerability is described as a User Mode Write AV starting at xnview+0x0000000000328165. Connected sources reiterate the same product/version and the issue type; no additional exploit details, affected subcomponents, or remediation steps are provi...

7.8CVSS7.6AI score0.01215EPSS
Exploits1References1Affected Software1
UbuntuCve
UbuntuCve
added 2018/10/04 8:29 p.m.20 views

CVE-2018-13258

Mediawiki 1.31 before 1.31.1 misses .htaccess files in the provided tarball used to protect some directories that shouldn't be web accessible...

5.3CVSS6.3AI score0.02056EPSS
Exploits0References3
CVE
CVE
added 2018/10/04 8:0 p.m.112 views

CVE-2018-13258

CVE-2018-13258 affects MediaWiki 1.31 prior to 1.31.1. The issue is that the tarball provided for distribution omits .htaccess files, which are intended to protect certain directories from public web access. As a result, directories that should not be web-accessible may be exposed. The vulnerabil...

5.3CVSS5AI score0.02056EPSS
Exploits0References3Affected Software1
ArchLinux
ArchLinux
added 2018/09/25 12:0 a.m.29 views

[ASA-201809-5] mediawiki: multiple issues

Arch Linux Security Advisory ASA-201809-5 ========================================= Severity: Medium Date : 2018-09-25 CVE-ID : CVE-2018-0503 CVE-2018-0505 CVE-2018-13258 Package : mediawiki Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-765 Summary ======= The...

6.5CVSS0.9AI score0.02056EPSS
Exploits1References11
OSV
OSV
added 2018/04/04 5:29 p.m.3 views

CVE-2017-13258

In bnepdataind of bnepmain.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0...

7.5CVSS5.9AI score
Exploits0References4
CVE
CVE
added 2018/04/04 5:0 p.m.71 views

CVE-2017-13258

CVE-2017-13258 affects Android Bluetooth BNEP: a missing bounds check in bnep_data_ind() within bnep_main.cc can trigger an out-of-bounds read, enabling remote information disclosure without user interaction. Affected Android versions include 5.1.1, 6.0/6.0.1, 7.0, 7.1.1/7.1.2, 8.0, and 8.1 (Andr...

7.5CVSS6.8AI score0.07396EPSS
Exploits4References4Affected Software1
Rows per page
Query Builder