Joomla! Component JProject Manager 1.0 - Local File Inclusion

A directory traversal vulnerability in the Ternaria Informatica JProject Manager comjprojectmanager component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1469 inf...

CVE-2026-1469

creationtimestamp| type| source ---|---|--- 2026-01-29 13:39:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mdkvys377o2i...

CVE-2025-1469

Authorization Bypass Through User-Controlled Key vulnerability in Turtek Software Eyotek allows Exploitation of Trusted Identifiers.This issue affects Eyotek: before 11.03.2025...

CVE-2025-1469

creationtimestamp| type| source ---|---|--- 2025-09-09 20:56:44+00:00| seen| MISP/2bceffac-02c3-4c54-a709-6e253b38ec76...

CVE-2025-1469

CVE-2025-1469 is an Authorization Bypass in Turtek Software Eyotek. Affected product: Eyotek before 11.03.2025. Root cause described in sources as bypass via a user-controlled key enabling exploitation of trusted identifiers. Impact is consistent with a high-severity CVSS 3.1 vector (Network atta...

CVE-2025-1469 IDOR in Turtek Software's Eyotek

Authorization Bypass Through User-Controlled Key vulnerability in Turtek Software Eyotek allows Exploitation of Trusted Identifiers.This issue affects Eyotek: before 11.03.2025...

CVE-2020-1469

A denial of service vulnerability exists when the .NET implementation of Bond improperly parses input, aka 'Bond Denial of Service Vulnerability'...

CVE-2015-1469

time.htm in the web interface on SerVision HVG Video Gateway devices with firmware through 2.2.26a100 allows remote authenticated users to gain privileges by leveraging a cookie received in an HTTP response, a different vulnerability than CVE-2015-0929 and CVE-2015-0930...

CVE-2013-1469

Directory traversal vulnerability in install.php in Piwigo before 2.4.7 allows remote attackers to read and delete arbitrary files via a .. dot dot in the dl parameter...

CVE-2008-1469

Gallarific Free Edition 1.1 does not require authentication for 1 photos.php, 2 comments.php, and 3 gallery.php in gadmin/, which allows remote attackers to edit objects via a direct request, different vectors than CVE-2008-1327. NOTE: the provenance of this information is unknown; the details ar...

CVE-2019-1469

creationtimestamp| type| source ---|---|--- 2024-03-09 14:16:47+00:00| seen| https://t.me/ctinow/203936...

Rocky Linux 9 : kernel-rt (RLSA-2023:1469)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:1469 advisory. - A flaw was found in the Linux kernel Traffic Control TC subsystem. Using a specific networking configuration redirecting egress packets to ingress usi...

WordPress WP Express Checkout (Accept PayPal Payments) Plugin <= 2.2.8 is vulnerable to Cross Site Scripting (XSS)

Software WP Express Checkout Accept PayPal Payments Type Plugin Vulnerable versions = 2.2.8 Fixed in 2.2.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1469 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID c8954f0fe6fa Credi...

CVE-2023-1469

creationtimestamp| type| source ---|---|--- 2023-03-17 15:45:47+00:00| seen| https://t.me/cibsecurity/60249...

CVE-2023-1469

CVE-2023-1469 affects the WordPress WP Express Checkout plugin. Vulnerability: stored cross-site scripting via pec_coupon[code] in versions up to 2.2.8 caused by insufficient input sanitization and output escaping. Impact: authenticated attackers with administrator-level access can inject web scr...

CVE-2023-1469

The WP Express Checkout plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘peccouponcode’ parameter in versions up to, and including, 2.2.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrator-lev...

CVE-2022-1469

creationtimestamp| type| source ---|---|--- 2022-06-08 14:45:56+00:00| seen| https://t.me/cibsecurity/44007...

CVE-2022-1469

The CVE-2022-1469 entry concerns the WordPress FiboSearch plugin prior to version 1.17.0, which does not sanitize or escape certain settings, enabling Stored XSS by high-privilege users (e.g., admin) when unfiltered_html is disallowed. Affected component: FiboSearch WordPress plugin; root cause: ...

CVE-2022-1469 FiboSearch < 1.18.0 - Admin+ Stored Cross-Site Scripting

The FiboSearch WordPress plugin before 1.17.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfilteredhtml capability is disallowed...

SUSE: Security Advisory (SUSE-SU-2013:1469-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...