CVE-2025-15392 Kohana KodiCMS Search API Endpoint page.php like sql injection

A weakness has been identified in Kohana KodiCMS up to 13.82.135. This affects the function like of the file cms/modules/pages/classes/kodicms/model/page.php of the component Search API Endpoint. Executing manipulation of the argument keyword can lead to sql injection. It is possible to launch th...

CVE-2025-15392

CVE-2025-15392 affects Kohana KodiCMS up to version 13.82.135, specifically the Search API Endpoint component file cms/modules/pages/classes/kodicms/model/page.php. The issue arises from manipulating the argument keyword in the Like function, enabling a SQL injection that can be exploited remotel...

EUVD-2021-33274

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2017-15392

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient data validation in V8 in Google Chrome prior to 62.0.3202.62 allowed an attacker who can write to the Windows Registry to potentially exploit heap...

CVE-2019-15392

creationtimestamp| type| source ---|---|--- 2024-02-20 08:11:52+00:00| seen| https://t.me/ctinow/188201...

CVE-2021-46598

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVE-2021-46598

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

CVE-2021-46598

Bentley MicroStation CONNECT 10.16.0.80 is affected by a memory corruption remote code execution vulnerability in the JT file parser. The flaw stems from insufficient validation of user-supplied data during JT file parsing, allowing an attacker to execute code with the current process context aft...

Mageia: Security Advisory (MGASA-2017-0423)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-15392

A user enumeration vulnerability flaw was found in Venki Supravizio BPM 10.1.2. This issue occurs during password recovery, where a difference in error messages could allow an attacker to determine if a username is valid or not, enabling a brute-force attack with valid usernames...

CVE-2020-15392

CVE-2020-15392 — A user enumeration vulnerability in Venki Supravizio BPM 10.1.2 is triggered during password recovery. The issue arises from differing error messages that let an attacker determine whether a username exists, enabling brute-force use of valid usernames. Connected documents corrobo...

CVE-2019-15392

CVE-2019-15392 affects the Asus ZenFone 4 Selfie. A pre-installed app with package name com.log.logservice (version 1) exposes an exported interface that allows any co-located app to modify a system property without proper authorization. This is a local issue (attack vector: local) enabling integ...

CVE-2018-15392

CVE-2018-15392 concerns Cisco Industrial Network Director. The DHCP service is vulnerable to denial-of-service from an unauthenticated, adjacent attacker due to improper handling of DHCP lease requests, which could cause the DHCP service to terminate. Exploitation details are not provided in the ...

CVE-2017-15392

Insufficient data validation in V8 in Google Chrome prior to 62.0.3202.62 allowed an attacker who can write to the Windows Registry to potentially exploit heap corruption via a crafted Windows Registry entry, related to PlatformIntegration...

CVE-2017-15392

Insufficient data validation in V8 in Google Chrome prior to 62.0.3202.62 allowed an attacker who can write to the Windows Registry to potentially exploit heap corruption via a crafted Windows Registry entry, related to PlatformIntegration...

CVE-2017-15392

CVE-2017-15392 relates to Google Chrome/Chromium on Windows and is caused by an incorrect registry key handling in the PlatformIntegration component prior to 62.0.3202.62. A crafted Windows Registry entry could allow heap corruption, potentially enabling code execution or stability issues as desc...

Fedora 27 : qt5-qtwebengine (2017-15b815b9b7)

An update of QtWebEngine to the security and bugfix release 5.9.3, including : - Security fixes from Chromium up to version 62.0.3202.89. Including: CVE-2017-5124, CVE-2017-5126, CVE-2017-5127, CVE-2017-5128, CVE-2017-5129, CVE-2017-5132, CVE-2017-5133, CVE-2017-15386, CVE-2017-15387,...

Fedora 26 : chromium (2017-ea44f172e3)

Security fix for CVE-2017-15412 CVE-2017-15422 CVE-2017-15407 CVE-2017-15408 CVE-2017-15409 CVE-2017-15410 CVE-2017-15411 CVE-2017-15413 CVE-2017-15415 CVE-2017-15416 CVE-2017-15417 CVE-2017-15418 CVE-2017-15419 CVE-2017-15420 CVE-2017-15423 CVE-2017-15424 CVE-2017-15425 CVE-2017-15426...

Fedora Update for qt5-qtwebengine FEDORA-2017-4d90e9fc97

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 25 : qt5-qtwebengine (2017-9015553e3d)

An update of QtWebEngine to the security and bugfix release 5.9.3, including : - Security fixes from Chromium up to version 62.0.3202.89. Including: CVE-2017-5124, CVE-2017-5126, CVE-2017-5127, CVE-2017-5128, CVE-2017-5129, CVE-2017-5132, CVE-2017-5133, CVE-2017-15386, CVE-2017-15387,...