14 matches found
CVE-2025-13423
creationtimestamp| type| source ---|---|--- 2025-11-20 00:21:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m5ziqtyps32n...
EUVD-2021-13423
Malware in sbrugna...
CVE-2018-13423
admin/themes/default/items/tag-form.php in Omeka before 2.6.1 allows XSS by adding or editing a tag...
CVE-2024-13423
The Sparkling theme for WordPress is vulnerable to unauthorized plugin activation/deactivation due to a missing capability check on the 'sparklingactivateplugin' and 'sparklingdeactivateplugin' functions in versions up to, and including, 2.4.9. This makes it possible for unauthenticated attackers...
CVE-2024-13423 Sparkling <= 2.4.9 - Missing Authorization to Unauthenticated Arbitrary Plugin Activation/Deactivation
The Sparkling theme for WordPress is vulnerable to unauthorized plugin activation/deactivation due to a missing capability check on the 'sparklingactivateplugin' and 'sparklingdeactivateplugin' functions in versions up to, and including, 2.4.9. This makes it possible for unauthenticated attackers...
CVE-2024-13423 Sparkling <= 2.4.9 - Missing Authorization to Unauthenticated Arbitrary Plugin Activation/Deactivation
The Sparkling theme for WordPress is vulnerable to unauthorized plugin activation/deactivation due to a missing capability check on the 'sparklingactivateplugin' and 'sparklingdeactivateplugin' functions in versions up to, and including, 2.4.9. This makes it possible for unauthenticated attackers...
Heap overflow
A vulnerability has been identified in JT2Go All versions V13.2, Solid Edge SE2021 All Versions SE2021MP5, Teamcenter Visualization All versions V13.2. The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when parsing ASM files. This could resul...
CVE-2020-13423
CVE-2020-13423 concerns a cross-site scripting vulnerability in Form Builder 2.1.0 for Magento. The connected documents confirm that the issue enables XSS against Magento 2 admin accounts via input channels including the Current_url field, the email field, and the User-Agent HTTP header. The root...
CVE-2019-13423
Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an authenticated Kibana user could impersonate as kibanaserver user when providing wrong credentials when all of the following conditions a-c are true: a Kibana is configured to use Single-Sign-On as...
CVE-2019-13423
Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an authenticated Kibana user could impersonate as kibanaserver user when providing wrong credentials when all of the following conditions a-c are true: a Kibana is configured to use Single-Sign-On as...
CVE-2019-13423
Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an authenticated Kibana user could impersonate as kibanaserver user when providing wrong credentials when all of the following conditions a-c are true: a Kibana is configured to use Single-Sign-On as...
CVE-2019-13423
CVE-2019-13423 describes an impersonation vulnerability in floragunn Search Guard Kibana Plugin, affecting versions before 5.6.8-7 and before 6.x.y-12. The issue arises when an authenticated Kibana user presents incorrect credentials under a specific configuration: Kibana uses SSO (Kerberos, JWT,...
CVE-2018-13423
admin/themes/default/items/tag-form.php in Omeka before 2.6.1 allows XSS by adding or editing a tag...
CVE-2018-13423
Affected product: Omeka prior to 2.6.1. Vulnerability: Cross-site scripting (XSS) in admin/themes/default/items/tag-form.php triggered by adding or editing a tag. Root cause / nature: The description indicates an XSS flaw in the tag form handling. Impact (as stated): arbitrary script/HTML may be ...