20 matches found
CVE-2025-23861
Cross-Site Request Forgery (CSRF) vulnerability in Zack Katz Debt Calculator debt-calculator allows Cross Site Request Forgery. This issue affects Debt Calculator: from n/a through <= 1.0.1...
CVE-2025-23861
Cross-Site Request Forgery (CSRF) vulnerability in Zack Katz Debt Calculator debt-calculator allows Cross Site Request Forgery. This issue affects Debt Calculator: from n/a through <= 1.0.1...
CVE-2025-23861 WordPress Debt Calculator plugin <= 1.0.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Zack Katz Debt Calculator debt-calculator allows Cross Site Request Forgery. This issue affects Debt Calculator: from n/a through <= 1.0.1...
CVE-2025-23861 WordPress Debt Calculator plugin <= 1.0.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Zack Katz Debt Calculator debt-calculator allows Cross Site Request Forgery. This issue affects Debt Calculator: from n/a through <= 1.0.1...
CVE-2025-23861
CVE-2025-23861 is a CSRF vulnerability in Katz Web Services, Inc. Debt Calculator affecting Debt Calculator versions up to 1.0.1. Public details reference a CVSSv3.1 base score of 7.1 (High) with network attack vector, requiring user interaction. The Red Hat advisory confirms CSRF context. The in...
CVE-2022-23861
creationtimestamp | type | source
---|---|---
2024-10-22 18:48:08+00:00 | seen | https://t.me/cvedetector/8626...
CVE-2022-23861
Multiple Stored Cross-Site Scripting vulnerabilities were discovered in Y Soft SAFEQ 6 Build 53. Multiple fields in the YSoft SafeQ web application can be used to inject malicious inputs that, due to a lack of output sanitization, result in the execution of arbitrary JS code. These fields can be...
CVE-2024-23861
creationtimestamp | type | source
---|---|---
2024-01-26 10:31:30+00:00 | seen | https://t.me/ctinow/174117
2024-02-19 15:56:28+00:00 | seen | https://t.me/ctinow/187759...
CVE-2024-23861 Cross-Site Scripting (XSS) vulnerability in Cups Easy
A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/unitofmeasurementcreate.php, in the unitofmeasurementid parameter. Exploitation of...
CVE-2024-23861
Cups Easy (Purchase & Inventory) 1.0 is vulnerable to a Cross‑Site Scripting (XSS) flaw in the endpoint /cupseasylive/unitofmeasurementcreate.php, via the unitofmeasurementid parameter. The issue arises from insufficient encoding of user‑controlled input, enabling an attacker to lure an authenti...
CVE-2023-23861
creationtimestamp | type | source
---|---|---
2023-03-29 16:15:22+00:00 | seen | https://t.me/cibsecurity/61005...
CVE-2023-23861
CVE-2023-23861 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress GMAce plugin (GMAce) versions
CVE-2023-23861 WordPress GMAce Plugin <= 1.5.2 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in German Mesky GMAce plugin <= 1.5.2 versions...
CVE-2023-23861 WordPress GMAce Plugin <= 1.5.2 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in German Mesky GMAce plugin <= 1.5.2 versions...
WordPress GMAce Plugin <= 1.5.2 is vulnerable to Cross Site Request Forgery (CSRF)
Software: GMAce; Type: Plugin; Vulnerable versions: <= 1.5.2; Fixed in: N/A; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2023-23861; Patch priority: Low; CVSS severity: Low (5.4); PSID: 5e49c5295a88; Credits: Mika; Required privilege...
CVE-2021-23861
CVE-2021-23861 affects Bosch VRM and related BVMS/DIVAR IP deployments with VRM installed. The issue allows an administrative user to execute a command that grants access to extended debug functionality, potentially impacting integrity and availability of the installed software. Affected products...
CVE-2021-23861 Possible Access to Debug Functions in Bosch VRM / BVMS
By executing a special command, a user with administrative rights can get access to extended debug functionality on the VRM, allowing an impact on integrity or availability of the installed software. This issue also affects installations of the DIVAR IP and BVMS with VRM installed...
CVE-2020-23861
CVE-2020-23861 affects LibreDWG 0.10.1. A heap-based buffer overflow occurs at libredwg-0.10.1/src/decode_r2007.c:666:5 within read_system_page, leading to a denial of service when processing a DWG file. The vulnerability is documented across multiple feeds (NVD/Red Hat/SUSE/CNVD et al.), con...
Product update: Virtuozzo Infrastructure Platform 3.0 Update 1 (3.0.1-55)
This update provides a new feature as well as stability and usability fixes. Vulnerability id: VSTOR-23861 Wrong details were reported for software RAID partitions. Vulnerability id: VSTOR-24687 Log rotation could lead to agent restart. Vulnerability id: VSTOR-24814 Network configuration was not...
Unfixed XSS vulnerability at www.ebit.com.br
Security researcher mygotmanoel submitted on 14/02/2008 a cross-site scripting (XSS) vulnerability affecting www.ebit.com.br, which at the time of submission ranked 23861 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 03/04/2008. It is...