CVE-2026-23873

creationtimestamp| type| source ---|---|--- 2026-01-22 01:53:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mcy3bo4nqh2i 2026-01-22 09:22:06+00:00| seen| https://gist.github.com/Darkcrai86/110313fec3aa5ef807926a3e32054cfb...

CVE-2022-23873

Victor CMS v1.0 was discovered to contain a SQL injection vulnerability that allows attackers to inject arbitrary commands via 'userfirstname' parameter...

CVE-2020-23873

pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the function TextPage::dump...

CVE-2025-23873

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Anshi Solutions Category D3 Tree category-d3-tree allows Stored XSS.This issue affects Category D3 Tree: from n/a through = 1.1...

CVE-2024-23873

creationtimestamp| type| source ---|---|--- 2024-01-26 11:26:57+00:00| seen| https://t.me/ctinow/174152 2024-02-19 14:21:40+00:00| seen| https://t.me/ctinow/187678...

CVE-2024-23873

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/currencymodify.php, in the currencyid parameter. Exploitation of this vulnerabilit...

CVE-2024-23873 Cross-Site Scripting (XSS) vulnerability in Cups Easy

A vulnerability has been reported in Cups Easy Purchase & Inventory, version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting XSS vulnerability via /cupseasylive/currencymodify.php, in the currencyid parameter. Exploitation of this vulnerabilit...

CVE-2024-23873

CVE-2024-23873 affects Cups Easy (Purchase & Inventory) v1.0. The vulnerability is an XSS due to insufficient encoding of the currencyid parameter on /cupseasylive/currencymodify.php. An authenticated user could be targeted via a crafted URL to exfiltrate session cookies. Multiple sources (NVD, C...

CVE-2023-23873

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Flector BBSpoiler plugin = 2.01 versions...

CVE-2023-23873

CVE-2023-23873 is a Stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin BBSpoiler (Flector BBSpoiler) with affected versions

CVE-2022-23873

CVE-2022-23873 affects Victor CMS v1.0, where a SQL injection vulnerability exists in the 'user_firstname' parameter. Multiple connected sources (NVD entry, Red Hat advisory, CNVD/CNNVD variants) describe lack of input validation allowing an attacker to inject SQL commands, potentially impacting ...

CVE-2022-23873

Victor CMS v1.0 was discovered to contain a SQL injection vulnerability that allows attackers to inject arbitrary commands via 'userfirstname' parameter...

CVE-2020-23873

creationtimestamp| type| source ---|---|--- 2021-11-11 00:36:52+00:00| seen| https://t.me/cibsecurity/32212...

CVE-2020-23873

pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the function TextPage::dump...

CVE-2020-23873

pdf2xml v2.0 was discovered to contain a heap-buffer overflow in the function TextPage::dump...

CVE-2020-23873

CVE-2020-23873 concerns pdf2xml v2.0, which has a reported heap-buffer overflow in the function TextPage::dump() . The vulnerability affects pdf2xml version 2.0 and is described with a CVSS v3.1 base score of 9.8 (CRITICAL) with network attack vector, no privileges required, and no user interacti...

CVE-2021-23873

CVE-2021-23873 affects McAfee Total Protection (MTP) prior to version 16.0.30. The vulnerability is a local privilege escalation via manipulation of directory junctions in the QuickClean component, allowing a local attacker to gain SYSTEM privileges and perform arbitrary file deletions, potential...