17 matches found
CVE-2022-22789
Charactell - FormStorm Enterprise Account takeover – An attacker can modify add, remove and update passwords file for all the users. The xxusers.ini file in the FormStorm folder contains usernames in cleartext and an obfuscated password. Malicious user can take over an account by replacing existi...
CVE-2025-22789
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fyrewurks polka dots allows Reflected XSS. This issue affects polka dots: from n/a through 1.2...
CVE-2025-22789
creationtimestamp | type | source
---|---|---
2025-05-19 17:13:00+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3lpk2zad6yx24...
CVE-2025-22789
CVE-2025-22789 affects the WordPress polka dots theme (versions up to 1.2). Root cause: improper neutralization of input during web page generation, enabling a reflected XSS. Impact: potential script execution in a victim’s browser (CVSS v3.1 base score 7.1; network attack, no privileges, user in...
CVE-2025-22789 WordPress polka dots theme <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fyrewurks polka dots allows Reflected XSS. This issue affects polka dots: from n/a through 1.2...
CVE-2025-22789 WordPress polka dots theme <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in fyrewurks polka dots allows Reflected XSS. This issue affects polka dots: from n/a through 1.2...
ArubaOS 10.3.x < 10.3.1.1 Multiple Vulnerabilities (ARUBA-PSA-2023-006)
The version of ArubaOS installed on the remote host is affected by multiple vulnerabilities: - An unauthenticated Denial of Service (DoS) vulnerability exists in a service accessed via the PAPI protocol provided by Aruba InstantOS and ArubaOS 10. Successful exploitation of this vulnerability result...
CVE-2023-22789
Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system...
CVE-2023-22789 Authenticated Remote Command Execution in Aruba InstantOS or ArubaOS 10 Command Line Interface
Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS 10 command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system...
CVE-2023-22789
CVE-2023-22789 affects Aruba InstantOS and ArubaOS 10 CLI. Multiple authenticated command-injection vulnerabilities allow an attacker with valid credentials to execute arbitrary commands as a privileged OS user. Connected sources also describe related CVEs (22787–22791) affecting the same Aruba p...
CVE-2022-22789
creationtimestamp | type | source
---|---|---
2022-01-25 22:18:51+00:00 | seen | https://t.me/cibsecurity/36256...
CVE-2022-22789
Charactell FormStorm Enterprise contains a vulnerability where an attacker can modify the passwords file (xx_users.ini) used for all users, enabling account takeover. The xx_users.ini stores usernames in cleartext and an obfuscated password, allowing a malicious user to replace an existing passwo...
CVE-2022-22789 Charactell - FormStorm Enterprise Account Take Over
Charactell - FormStorm Enterprise Account takeover – An attacker can modify add, remove and update passwords file for all the users. The xxusers.ini file in the FormStorm folder contains usernames in cleartext and an obfuscated password. Malicious user can take over an account by replacing existi...
CVE-2021-22789
creationtimestamp | type | source
---|---|---
2021-09-02 20:37:30+00:00 | seen | https://t.me/cibsecurity/28240...
CVE-2021-22789
The CVE-2021-22789 entry describes a CWE-119 buffer-boundary vulnerability that could cause a Denial of Service in Schneider Electric Modicon PLCs when updating the controller application with a specially crafted project file. Affected products include Modicon M580 CPU (BMEP*/BMEH*), M340 (BMXP34...
CVE-2020-22789
The CVE-2020-22789 entry concerns an Unauthenticated Stored XSS in FME Server versions 2019.2 and 2020.0 Beta. The underlying issue allows an attacker to escalate to admin privileges by injecting arbitrary script/HTML via the login page, with the XSS executed when an administrator accesses the lo...
Winamp playlist file buffer overflow
Added: 01/31/2006. CVE: CVE-2006-0476. BID: 16410. OSVDB: 22789. Background: Winamp is a media player for Windows. Problem: A buffer overflow in Winamp allows code execution when a specially crafted playlist file is opened. Resolution: Upgrade to Winamp 5.13 or higher. References...