36 matches found
CVE-2021-31813
Zoho ManageEngine Applications Manager before 15130 is vulnerable to Stored XSS while importing malicious user details e.g., a crafted user name from AD...
CVE-2025-15130
A vulnerability has been found in shanyu SyCms up to a242ef2d194e8bb249dc175e7c49f2c1673ec921. This issue affects the function addPost of the file Application/Admin/Controller/FileManageController.class.php of the component Administrative Panel. The manipulation leads to code injection. The attac...
CVE-2025-15130
creationtimestamp | type | source
---|---|---
2025-12-28 10:31:44+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mb24l2hlvh2o...
CVE-2025-15130
The CVE-2025-15130 entry affects shanyu SyCms up to a242ef2d194e8bb249dc175e7c49f2c1673ec921. The vulnerability resides in the Administrative Panel's function addPost in Application/Admin/Controller/FileManageController.class.php, enabling remote code injection. Multiple sources corroborate the i...
CVE-2018-15130
ThinkSAAS through 2018-07-25 has XSS via the index.php?app=group&ac=create&ts=do groupdesc parameter...
CVE-2019-15130
The Recruitment module in Humanica Humatrix 7 1.0.0.203 and 1.0.0.681 allows an unauthenticated attacker to upload any file type to a candidate's profile picture folder via a crafted recruitmentonline/personalData/actpersonaltab.cfm multiple-part POST request with a predictable WRC01USERID...
Linux Distros Unpatched Vulnerability : CVE-2017-15130
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A denial of service flaw was found in dovecot before 2.2.34. An attacker able to generate random SNI server names could exploit TLS SNI configuration lookups,...
CVE-2020-15130
In SLPJS npm package slpjs before version 0.27.4, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any of the NFT1...
Mageia: Security Advisory (MGASA-2018-0160)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2018:2632-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2018:2632-2)
The remote host is missing an update for the...
CVE-2020-15130
CVE-2020-15130 affects the npm package slpjs prior to version 0.27.4, causing a vulnerability where NFT1 Child Genesis transactions could be validated as valid without burning the required NFT1 Group tokens. Root cause: incorrect/poor validation logic in SLPJS that allows false‑positive outcomes....
CVE-2020-15130 False-positive validity for NFT1 genesis transactions in SLPJS
In SLPJS npm package slpjs before version 0.27.4, there is a vulnerability to false-positive validation outcomes for the NFT1 Child Genesis transaction type. A poorly implemented SLP wallet or opportunistic attacker could create a seemingly valid NFT1 child token without burning any of the NFT1...
bch-wallet-plugin-postoffice (>=1.0.0 <=1.0.8), bitcoin-wallet-api (>=0.0.5 <=0.1.6) potentially affected by CVE-2020-15130 via slpjs (>=0.22.5 <=0.23.3)
slpjs NPM version =0.22.5, =1.0.0, =0.0.5, =0.1.6 Source cves: CVE-2020-15130 Source advisory: OSV:GHSA-CC2P-4JHR-XHHX...
Huawei EulerOS: Security Advisory for dovecot (EulerOS-SA-2019-2571)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP5 : dovecot (EulerOS-SA-2019-2138)
According to the versions of the dovecot packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In Dovecot before 2.2.36.4 and 2.3.x before 2.3.7.2 and Pigeonhole before 0.5.7.2, protocol processing can fail for quoted strings. This occurs...
SUSE-SU-2018:2632-2 Security update for dovecot22
This update for dovecot22 fixes the following issues: Security issue fixed: - CVE-2017-15130: Fixed a potential denial of service via TLS SNI config lookups, which would slow the process down and could have led to exhaustive memory allocation and/or process restarts (bsc#1082828)...
Security update for dovecot22 (important)
This update for dovecot22 fixes the following issues: Security issue fixed: - CVE-2017-15130: Fixed a potential denial of service via TLS SNI config lookups, which would slow the process down and could have led to exhaustive memory allocation and/or process restarts (bsc#1082828) This update was...