32 matches found
CVE-2026-13802
Use after free in Views in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
CVE-2026-13802
Use after free in Views in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code via a crafted HTML page. Chromium security severity: High...
CVE-2025-13802 jairiidriss RestaurantWebsite Make a Reservation cross site scripting
A vulnerability was determined in jairiidriss RestaurantWebsite up to e7911f12d035e8e2f9a75e7a28b59e4ef5c1d654. Impacted is an unknown function of the component Make a Reservation. This manipulation of the argument selecteddate causes cross site scripting. The attack can be initiated remotely. Th...
Linux Distros Unpatched Vulnerability : CVE-2020-13802
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification. CVE-2020-13802 Note that Nessus...
Linux Distros Unpatched Vulnerability : CVE-2017-13802
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affected. iTun...
CVE-2024-13802
The Bandsintown Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bandsintownevents' shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-13802
creationtimestamp| type| source ---|---|--- 2025-02-20 12:41:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3limctggngv2y 2025-02-20 13:08:53+00:00| seen| https://t.me/cvedetector/18522...
CVE-2024-13802 Bandsintown Events <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Bandsintown Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bandsintownevents' shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2024-13802
CVE-2024-13802 – Bandsintown Events plugin for WordPress : All versions up to 1.3.1 are affected by a Stored XSS in the bandsintown_events shortcode due to insufficient input sanitization and output escaping. Exploitation requires authenticated access at contributor level or higher, enabling inje...
CVE-2024-13802 Bandsintown Events <= 1.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Bandsintown Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'bandsintownevents' shortcode in all versions up to, and including, 1.3.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
MGASA-2020-0470 Updated erlang-rebar3 package fixes security vulnerability
Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification CVE-2020-13802...
Rebar3 Command Injection (CVE-2020-13802)
A command injection vulnerability exists in Rebar3. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CVE-2020-13802
Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification...
CVE-2020-13802
Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification...
CVE-2020-13802
Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification...
CVE-2020-13802
Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification...
CVE-2020-13802
Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification...
CVE-2020-13802
CVE-2020-13802 affects Rebar3 versions 3.0.0-beta.3 to 3.13.2, exposing OS command injection via a URL parameter in dependency specifications. The vulnerability is described across multiple sources (NVD, Gentoo GLSA, Mageia, Nessus, OpenVAS, Exploit-DB) with CVSS v3.1 base score 9.8 (CRITICAL). E...
Rebar3 3.13.2 Command Injection
Exploit Title: Rebar3 - OS command injection Date: 2020-06-03 Exploit Author: Alexey Pronin (vulnbe) Vendor Homepage: https://rebar3.org Software Link: https://github.com/erlang/rebar3 Versions affected: 3.0.0-beta.3 - 3.13.2 CVE: CVE-2020-13802 1. Description: ---------------------- Rebar3...
CVE-2018-13802
Siemens ROX II is affected by CVE-2018-13802. All ROX II versions prior to 2.12.1 are vulnerable to an elevation-of-privilege/command execution flaw accessible via SSH. An authenticated attacker with a high-privileged user account can log in over port 22, bypass restrictions, and execute arbitrar...