EUVD-2026-2131

Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to execute code locally...

CVE-2019-2131

An application with overlay permission can display overlays on top of settings UI. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2...

Linux Distros Unpatched Vulnerability : CVE-2013-2131

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Format string vulnerability in the rrdtool module 1.4.7 for Python, as used in Zenoss, allows context- dependent attackers to cause a denial of service crash vi...

CVE-2023-2131

Versions of INEA ME RTU firmware prior to 3.36 are vulnerable to OS command injection, which could allow an attacker to remotely execute arbitrary code...

CVE-2021-2131

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

CVE-2002-2131

Directory traversal vulnerability in Perl-HTTPd before 1.0.2 allows remote attackers to view arbitrary files via a .. dot dot in an unknown argument...

CVE-2025-2131

A vulnerability was found in dayrui XunRuiCMS up to 4.6.3. It has been rated as problematic. This issue affects some unknown processing of the component Friendly Links Handler. The manipulation of the argument Website Address leads to cross site scripting. The attack may be initiated remotely. Th...

CVE-2025-2131

creationtimestamp| type| source ---|---|--- 2025-03-09 22:36:59+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6974 2025-03-10 01:20:46+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ljyf62lmlt2m 2025-03-10 02:18:45+00:00| seen|...

CVE-2025-2131

CVE-2025-2131 affects dayrui XunRuiCMS up to version 4.6.3. The issue is a cross-site scripting (XSS) vulnerability in the Friendly Links Handler, triggered by manipulation of the Website Address parameter in processing logic. The advisory notes that the attack can be initiated remotely and that ...

CVE-2025-2131 dayrui XunRuiCMS Friendly Links cross site scripting

A vulnerability was found in dayrui XunRuiCMS up to 4.6.3. It has been rated as problematic. This issue affects some unknown processing of the component Friendly Links Handler. The manipulation of the argument Website Address leads to cross site scripting. The attack may be initiated remotely. Th...

OpenSSL 0.9.8v < 0.9.8w Vulnerability

The version of OpenSSL installed on the remote host is prior to 0.9.8w. It is, therefore, affected by a vulnerability as referenced in the 0.9.8w advisory. - Multiple integer signedness errors in crypto/buffer/buffer.c in OpenSSL 0.9.8v allow remote attackers to conduct buffer overflow attacks, a...

WordPress Move Addons for Elementor Plugin <= 1.2.9 is vulnerable to Cross Site Scripting (XSS)

Software Move Addons for Elementor Type Plugin Vulnerable versions = 1.2.9 Fixed in 1.3.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2131 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 464ca06d6704 Credits Francesco...

CVE-2024-2131

The Move Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's infobox and button widget in all versions up to, and including, 1.2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-2131 Move Addons for Elementor <= 1.2.9 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Move Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's infobox and button widget in all versions up to, and including, 1.2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-2131

The CVE-2024-2131 entry pertains to Move Addons for Elementor (WordPress). It affects all versions up to 1.2.9 and describes a Stored Cross-Site Scripting (XSS) via the plugin’s infobox and button widget due to insufficient input sanitization and output escaping on user-supplied attributes. Authe...

Amazon Linux 2 : golang (ALAS-2023-2131)

The version of golang installed on the remote host is prior to 1.18.9-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2131 advisory. The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go...

INEA ME RTU Improper Neutralization of Special Elements Used in an OS Command (CVE-2023-2131)

Versions of INEA ME RTU firmware prior to 3.36 are vulnerable to OS command injection, which could allow an attacker to remotely execute arbitrary code. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C...

CISA Issues Advisory on Critical RCE Affecting ME RTU Remote Terminal Units

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday released an Industrial Control Systems ICS advisory about a critical flaw affecting ME RTU remote terminal units. The security vulnerability, tracked as CVE-2023-2131, has received the highest severity rating of 10.0 on the...

CISA Issues Advisory on Critical RCE Affecting ME RTU Remote Terminal Units

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday released an Industrial Control Systems ICS advisory about a critical flaw affecting ME RTU remote terminal units. The security vulnerability, tracked as CVE-2023-2131, has received the highest severity rating of 10.0 on the...

CVE-2023-2131

creationtimestamp| type| source ---|---|--- 2023-04-21 00:30:57+00:00| seen| https://t.me/cibsecurity/62554 2023-04-24 14:49:04+00:00| seen| https://t.me/truesecator/4314 2023-05-03 07:40:16+00:00| seen| https://t.me/thehackernews/3307 2023-05-03 08:11:43+00:00| seen|...