EUVD-2005-2352

Malware in sbrugna...

CVE-2014-2352

creationtimestamp| type| source ---|---|--- 2025-10-03 17:02:20+00:00| seen| Telegram/S-mKPDA33fLHDFZO7fdPkneF0R1HThpbcGHFm84UZQGD6L4...

Linux Distros Unpatched Vulnerability : CVE-2011-2352

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebKit, as used in Apple iTunes before 10.5, allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service memory corruption and...

CVE-2022-2352

The Post SMTP Mailer/Email Log WordPress plugin before 2.1.7 does not have proper authorisation in some AJAX actions, which could allow high privilege users such as admin to perform blind SSRF on multisite installations for example...

CVE-2013-2352

LeftHand OS aka SAN iQ 10.5 and earlier on HP StoreVirtual Storage devices does not provide a mechanism for disabling the HP Support challenge-response root-login feature, which makes it easier for remote attackers to obtain administrative access by leveraging knowledge of an unused one-time...

CVE-2025-2352

creationtimestamp| type| source ---|---|--- 2025-03-16 23:48:52+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/7727 2025-03-17 01:35:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lkjzblzy7f2l 2025-03-17 02:24:45+00:00| seen| https://t.me/cvedetector/20...

CVE-2025-2352

A vulnerability, which was classified as problematic, has been found in StarSea99 starsea-mall 1.0. This issue affects some unknown processing of the file /admin/indexConfigs/save of the component Backend. The manipulation of the argument categoryName leads to cross site scripting. The attack may...

CVE-2025-2352 StarSea99 starsea-mall Backend save cross site scripting

A vulnerability, which was classified as problematic, has been found in StarSea99 starsea-mall 1.0. This issue affects some unknown processing of the file /admin/indexConfigs/save of the component Backend. The manipulation of the argument categoryName leads to cross site scripting. The attack may...

CVE-2025-2352

The CVE-2025-2352 entry concerns StarSea99 starsea-mall 1.0 Backend, specifically a cross-site scripting flaw in /admin/indexConfigs/save via the categoryName parameter. The vulnerability is exploitable remotely, with the exploit disclosed publicly. Public details indicate unknown/untested impact...

CVE-2024-2352

creationtimestamp| type| source ---|---|--- 2024-03-10 03:26:43+00:00| seen| https://t.me/ctinow/204103 2024-03-10 03:26:45+00:00| seen| https://t.me/ctinow/204105...

CVE-2024-2352

1Panel up to 1.10.1-lts is affected by CVE-2024-2352 via command injection in the function baseApi.UpdateDeviceSwap (file /api/v1/toolbox/device/update/swap). The issue arises from untrusted input in the Path argument (example: 123123123\nopen -a Calculator), which can be exploited remotely. Publ...

Amazon Linux 2 : xorg-x11-server (ALAS-2023-2352)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2352 advisory. A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration a multi-screen setup with multiple protocol screens, also known as Zaphod...

CVE-2023-2352

creationtimestamp| type| source ---|---|--- 2023-08-31 12:13:03+00:00| seen| https://t.me/cibsecurity/69524...

CVE-2023-2352 CHP Ads Block Detector <= 3.9.4 - Cross-Site Request Forgery via chp_abd_action

The CHP Ads Block Detector plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.9.4. This is due to missing or incorrect nonce validation on the chpabdaction function. This makes it possible for unauthenticated attackers to update or reset plugin...

CVE-2023-2352

CVE-2023-2352 concerns the CHP Ads Block Detector WordPress plugin. The WordPress plugin is vulnerable to Cross-Site Request Forgery due to missing or incorrect nonce validation in the chp_abd_action function, affecting versions up to and including 3.9.4. This allows unauthenticated attackers to ...

CVE-2022-2352

creationtimestamp| type| source ---|---|--- 2022-09-26 16:21:55+00:00| seen| https://t.me/cibsecurity/50472 2025-05-21 19:42:50+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/17180...

CVE-2022-2352

The Post SMTP Mailer/Email Log WordPress plugin before 2.1.7 does not have proper authorisation in some AJAX actions, which could allow high privilege users such as admin to perform blind SSRF on multisite installations for example...

CVE-2022-2352

CVE-2022-2352 affects the WordPress Post SMTP Mailer/Email Log plugin prior to 2.1.7. The issue is lack of proper authorization in certain AJAX actions, enabling high-privilege users (e.g., admins) to perform blind SSRF on multisite installations. Remediation is to update to version 2.1.7 or late...

CVE-2022-2352 Post SMTP < 2.1.7 - Admin+ Blind SSRF

The Post SMTP Mailer/Email Log WordPress plugin before 2.1.7 does not have proper authorisation in some AJAX actions, which could allow high privilege users such as admin to perform blind SSRF on multisite installations for example...

CVE-2022-2352 Post SMTP < 2.1.7 - Admin+ Blind SSRF

The Post SMTP Mailer/Email Log WordPress plugin before 2.1.7 does not have proper authorisation in some AJAX actions, which could allow high privilege users such as admin to perform blind SSRF on multisite installations for example...