30 matches found
CVE-2025-13802 jairiidriss RestaurantWebsite Make a Reservation cross site scripting
A vulnerability was determined in jairiidriss RestaurantWebsite up to e7911f12d035e8e2f9a75e7a28b59e4ef5c1d654. Impacted is an unknown function of the component Make a Reservation. This manipulation of the argument selecteddate causes cross site scripting. The attack can be initiated remotely. Th...
Linux Distros Unpatched Vulnerability : CVE-2020-13802
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification. CVE-2020-13802 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2017-13802
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTun...
CVE-2024-13802
The Bandsintown Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bandsintownevents' shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-13802
creationtimestamp | type | source
---|---|---
2025-02-20 12:41:55+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3limctggngv2y
2025-02-20 13:08:53+00:00 | seen | https://t.me/cvedetector/18522...
CVE-2024-13802
CVE-2024-13802 – Bandsintown Events plugin for WordPress : All versions up to 1.3.1 are affected by a Stored XSS in the bandsintown_events shortcode due to insufficient input sanitization and output escaping. Exploitation requires authenticated access at contributor level or higher, enabling inje...
CVE-2024-13802 Bandsintown Events <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Bandsintown Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bandsintownevents' shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
MGASA-2020-0470 Updated erlang-rebar3 package fixes security vulnerability
Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification CVE-2020-13802...
Rebar3 Command Injection (CVE-2020-13802)
A command injection vulnerability exists in Rebar3. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2020-13802
Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification...
CVE-2020-13802
CVE-2020-13802 affects Rebar3 versions 3.0.0-beta.3 to 3.13.2, exposing OS command injection via a URL parameter in dependency specifications. The vulnerability is described across multiple sources (NVD, Gentoo GLSA, Mageia, Nessus, OpenVAS, Exploit-DB) with CVSS v3.1 base score 9.8 (CRITICAL). E...
Rebar3 3.13.2 Command Injection
Exploit Title: Rebar3 - OS command injection Date: 2020-06-03 Exploit Author: Alexey Pronin (vulnbe) Vendor Homepage: https://rebar3.org Software Link: https://github.com/erlang/rebar3 Versions affected: 3.0.0-beta.3 - 3.13.2 CVE: CVE-2020-13802 1. Description: ---------------------- Rebar3...
CVE-2018-13802
Siemens ROX II is affected by CVE-2018-13802. All ROX II versions prior to 2.12.1 are vulnerable to an elevation-of-privilege/command execution flaw accessible via SSH. An authenticated attacker with a high-privileged user account can log in over port 22, bypass restrictions, and execute arbitrar...
GLSA-201712-01 : WebKitGTK+: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201712-01 WebKitGTK+: Multiple vulnerabilities Multiple vulnerabilities have been discovered in WebKitGTK+. Please review the referenced CVE identifiers for details. Impact : By enticing a victim to visit maliciously crafted web...
WebKit: use-after-free in WebCore::Style::TreeResolver::styleForElement (CVE-2017-13802)
There is a use-after-free security vulnerability in WebKit. The vulnerability was confirmed on ASan build of WebKit nightly. ASan log: ================================================================= ==30588==ERROR: AddressSanitizer: heap-use-after-free on address 0x608000077ec8 at pc...