CVE-2025-23860 WordPress Charity-thermometer plugin <= 1.1.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in crea8xion Charity-thermometer charitydonation-thermometer allows Stored XSS.This issue affects Charity-thermometer: from n/a through = 1.1.2...

CVE-2025-23860

CVE-2025-23860 is a Stored XSS in Eyouth { rob.panes } Charity-thermometer affecting Charity-thermometer versions from n/a up to 1.1.2. The Red Hat entry repeats the same description; Wordfence notes Unpatched status for the Charity-thermometer vulnerability and lists SOPROBRO as researcher. No p...

CVE-2024-23860

creationtimestamp| type| source ---|---|--- 2024-01-26 10:31:29+00:00| seen| https://t.me/ctinow/174116 2024-02-19 15:56:27+00:00| seen| https://t.me/ctinow/187758...

CVE-2024-23860

CVE-2024-23860 affects Cups Easy (Purchase & Inventory) version 1.0. The vulnerability is a Cross-Site Scripting (XSS) in the description parameter of /cupseasylive/currencylist.php caused by insufficient encoding of user-controlled input. Exploitation could allow a remote attacker to lure an aut...

SAP NetWeaver AS ABAP Multiple Vulnerabilities (Feb 2023)

SAP NetWeaver Application Server for ABAP and ABAP Platform is affected by multiple vulnerabilities, including the following: - SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to craft a malicious lin...

CVE-2023-23860

SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to craft a link, which when clicked by an unsuspecting user can be used to redirect a user to a malicious site which could read or modify some sensitive...

CVE-2023-23860

SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to craft a link, which when clicked by an unsuspecting user can be used to redirect a user to a malicious site which could read or modify some sensitive...

CVE-2023-23860

SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to craft a link, which when clicked by an unsuspecting user can be used to redirect a user to a malicious site which could read or modify some sensitive...

CVE-2023-23860

CVE-2023-23860—SAP NetWeaver ABAP/ABAP Platform : Affects versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790. The issue allows an unauthenticated attacker to craft a link which, when clicked by a user, can redirect to a malicious site and potentially read/modify sensitive information ...

CVE-2021-23860

creationtimestamp| type| source ---|---|--- 2021-12-09 00:24:13+00:00| seen| https://t.me/cibsecurity/33660...

CVE-2021-23860

CVE-2021-23860 describes a reflected XSS in Bosch VRM/web interfaces due to an error in a page handler that allows an attacker to modify the HTTP header to exploit the vulnerability. The issue also affects DIVAR IP and BVMS with VRM installed. Publicly available details identify the affected comp...

CVE-2021-23860 Reflected Cross Site Scripting (XSS) vulnerability in Bosch VRM / BVMS

An error in a page handler of the VRM may lead to a reflected cross site scripting XSS in the web-based interface. To exploit this vulnerability an attack must be able to modify the HTTP header that is sent. This issue also affects installations of the DIVAR IP and BVMS with VRM installed...

Command execution vulnerability in DBShop system (CNVD-2019-23860)

DBShop is an e-commerce system. A command execution vulnerability exists in the DBShop system that can be exploited by an attacker to gain server privileges...