EUVD-2026-33891
The hiWeb Migration Simple plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'newdomain' parameter in all versions up to, and including, 2.0.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
PT-2026-45703
The hiWeb Migration Simple plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'new domain' parameter in all versions up to, and including, 2.0.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
EUVD-2023-34907
Malicious code in bioql PyPI...
CVE-2023-30492
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Vark Minimum Purchase for WooCommerce plugin <= 2.0.0.1 versions...
CVE-2013-3067
Linksys WRT310Nv2 2.0.0.1 is vulnerable to XSS...
CVE-2024-45588
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1P160 due to improper access controls on APIs in the Preference module of the application. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which could lea...
PT-2024-31689 · Unknown · Symphony Xts Mobile Trading +1
Name of the Vulnerable Software and Affected Versions: Symphony XTS Web Trading and Mobile Trading platforms version 2.0.0.1 P160 Description: This issue exists due to improper access controls on APIs in the Authentication module. An authenticated remote attacker could exploit this by manipulatin...
PT-2024-31691 · Unknown · Symphony Xts Web Trading
Name of the Vulnerable Software and Affected Versions: Symphony XTS Web Trading version 2.0.0.1 P160 Description: This issue exists due to improper access controls on APIs in the Preference module of the application. An authenticated remote attacker could exploit this by manipulating parameters...
PT-2024-31690 · Unknown · Symphony Xts Web Trading Platform
Name of the Vulnerable Software and Affected Versions: Symphony XTS Web Trading platform version 2.0.0.1 P160 Description: This issue exists due to improper access controls on APIs in the Transaction module of the vulnerable application. An authenticated remote attacker could exploit this by...
CVE-2023-30492 WordPress Minimum Purchase for WooCommerce Plugin <= 2.0.0.1 is vulnerable to Cross Site Scripting (XSS)
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Vark Minimum Purchase for WooCommerce plugin <= 2.0.0.1 versions...
PT-2023-22728 · Woocommerce · Vark Minimum Purchase For Woocommerce
Name of the Vulnerable Software and Affected Versions: Vark Minimum Purchase for WooCommerce plugin versions <= 2.0.0.1. Description: The issue is related to a Stored Cross-Site Scripting (XSS) vulnerability. It affects users with contributor or higher permissions. The vulnerability allows for the...
Huawei B535-232a Security Vulnerability
The Huawei B535-232a is a wireless router from Huawei China. A security vulnerability exists in Huawei B535-232a version 2.0.0.1 H318SP5C983, which stems from the presence of a traffic hijacking vulnerability...
Security Bulletin: Tensor Flow security vulnerabilities with denial of service on IBM Watson Machine Learning Server
Summary: TensorFlow is vulnerable to a denial of service. A remote attacker could exploit this vulnerability to cause a denial of service condition on IBM Watson Machine Learning Server. Vulnerability Details: CVEID: CVE-2020-15190 DESCRIPTION: TensorFlow is vulnerable to a denial of service, caused b...
Security Bulletin: Netty security vulnerabilities on IBM Watson Machine Learning Server
Summary Netty is vulnerable to allow HTTP Request Smuggling on IBM Watson Machine Learning Server Vulnerability Details CVEID: CVE-2020-7238 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a flaw when handling Transfer-Encoding whitespace and a later Content-Length header. B...
CVE-2013-3067
The provided records identify CVE-2013-3067 as affecting Linksys WRT310Nv2 with firmware 2.0.0.1, stating it is vulnerable to cross-site scripting (XSS). The available sources do not describe the exact vulnerable component, exploitable conditions, payloads, impact beyond XSS, or a patch/mitigatio...
TERASOLUNA Server Framework for Java (WEB) Information Disclosure Vulnerability
TERASOLUNA Server Framework for Java (WEB) is a set of frameworks based on the Java language for creating Web applications (WEB version). A security vulnerability exists in TERASOLUNA Server Framework for Java (WEB) versions 2.0.0.1 through 2.0.6.1. A remote attacker can exploit the vulnerability to...
VeryPDF PDFView OCX ActiveX OpenPDF Heap Overflow PoC
No description provided by source. VeryPDF PDFView OCX ActiveX OpenPDF Heap Overflow. Discovered & Written By: r0ut3r writ3r at gmail.com / www.bmgsec.com.au Advisory: http://www.bmgsec.com.au/advisory/39/ Tested on: WinXP Pro SP2 Version:...
verypdf-activex.txt
Sub Boom buff = String(1006, "A") target.OpenPDF buff, 1, 1 End Sub...
VeryPDF PDFView - OCX ActiveX OpenPDF Heap Overflow (PoC)
Sub Boom buff = String(1006, "A") target.OpenPDF buff, 1, 1 End Sub milw0rm.com 2008-11-15...