16 matches found
CVE-2020-23697
Cross Site Scripting vulnerabilty in Monstra CMS 3.0.4 via the page feature in admin/index.php...
CVE-2023-23697
creationtimestamp| type| source ---|---|--- 2025-03-21 15:19:39+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8359...
CVE-2025-23697
creationtimestamp| type| source ---|---|--- 2025-01-22 15:20:19+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdo625alr2x 2025-01-22 16:01:59+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/2570...
CVE-2025-23697
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webdeal Podčlánková inzerce podclankova-inzerce allows Reflected XSS.This issue affects Podčlánková inzerce: from n/a through = 2.4.0...
CVE-2025-23697 WordPress Podčlánková inzerce plugin <= 2.4.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in webdeal Podčlánková inzerce podclankova-inzerce allows Reflected XSS.This issue affects Podčlánková inzerce: from n/a through = 2.4.0...
CVE-2025-23697
CVE-2025-23697 is a Reflected XSS in Podčlánková inzerce (WebDeal s.r.o.) WordPress plugin. Affected: Podčlánková inzerce from n/a through 2.4.0. Root cause: improper neutralization of input during web page generation. Base score 7.1 (HIGH) with CVSS3.1: AV=N/AC=L/PR=N/UI=R/S=C/C=L/I=L/A=L. Conne...
CVE-2024-11579 Luxion KeyShot OBJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Luxion KeyShot OBJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2024-11579 Luxion KeyShot OBJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Luxion KeyShot OBJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a...
CVE-2024-23697
CVE-2024-23697: A use-after-free in RGXCreateHWRTData_aux (rgxta3d.c) enables possible arbitrary code execution and local kernel privilege escalation. No user interaction required. Documents consistently describe this as a local-privilege escalation vulnerability with kernel impact and do not pro...
CVE-2024-23697
In RGXCreateHWRTDataaux of rgxta3d.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-23697
Dell Command | Intel vPro Out of Band, versions before 4.4.0, contain an arbitrary folder delete vulnerability during uninstallation. A locally authenticated malicious user may potentially exploit this vulnerability leading to arbitrary folder deletion...
CVE-2023-23697
The CVE concerns Dell Command | Intel vPro Out of Band, prior to version 4.4.0, with an arbitrary folder deletion vulnerability triggered during uninstallation. A locally authenticated attacker may exploit this to delete folders. Publicly documented impact is limited to uninstallation-time operat...
CVE-2022-23697
CVE-2022-23697 is a remote cross-site scripting vulnerability in HPE OneView, affecting versions prior to 6.6. The issue stems from insufficient data validation/filtering of user-supplied data, leading to possible client-side JavaScript execution. HPE has issued a software update to resolve the v...
CVE-2020-23697
creationtimestamp| type| source ---|---|--- 2021-07-07 00:37:08+00:00| seen| https://t.me/cibsecurity/25946...
CVE-2020-23697
Cross Site Scripting vulnerabilty in Monstra CMS 3.0.4 via the page feature in admin/index.php...
CVE-2020-23697
Monstra CMS 3.0.4 is affected by a Cross-Site Scripting (XSS) vulnerability in the admin/index.php page (via the page feature). An attacker can inject arbitrary JavaScript that runs in the victim’s browser, potentially stealing session cookies and enabling additional browser-based attacks. This C...