CVE-2026-23975

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in uxper Golo golo allows PHP Local File Inclusion.This issue affects Golo: from n/a through 1.7.5...

CVE-2020-23975

Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has cross site scripting via the 'search.php' id parameter...

CVE-2021-23975

The developer page about:memory has a Measure function for exploring what object types the browser has allocated and their sizes. When this function was invoked we incorrectly called the sizeof function, instead of using the API method that checks for invalid pointers. This vulnerability affects...

CVE-2025-23975

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cheesefather Botnet Attack Blocker botnet-attack-blocker allows Stored XSS.This issue affects Botnet Attack Blocker: from n/a through = 2.0.0...

CVE-2025-23975

CVE-2025-23975 is a Stored XSS in the WordPress Botnet Attack Blocker plugin (vulnerable:

CVE-2025-23975 WordPress Botnet Attack Blocker plugin <= 2.0.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cheesefather Botnet Attack Blocker botnet-attack-blocker allows Stored XSS.This issue affects Botnet Attack Blocker: from n/a through = 2.0.0...

CVE-2023-23975

Missing Authorization vulnerability in Fullworks Quick Event Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Quick Event Manager: from n/a through 9.7.4...

CVE-2023-23975

The CVE-2023-23975 entry concerns the WordPress Quick Event Manager plugin (versions

CVE-2024-11514 IrfanView ECW File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

IrfanView ECW File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a...

CVE-2024-11514

CVE-2024-11514 – IrfanView : The issue stems from parsing ECW files in IrfanView, where the length of user-supplied data is not properly validated before copying to a heap-based buffer, causing a heap-based buffer overflow. This can lead to arbitrary code execution in the attacker’s context. Expl...

CVE-2024-23975

SQL injection vulnerability exists in GetDIAEslogListParameters...

CVE-2024-23975

Delta Electronics DIAEnergie SQL injection (CVE-2024-23975) affects DIAEnergie prior to v1.10.00.005. The vulnerability is in the GetDIAE_slogListParameters function, enabling SQL injection that could allow an attacker to view/modify/delete data in the back-end database. The ICS advisory cites re...

CVE-2024-23975 Delta Electronics DIAEnergie SQL injection

SQL injection vulnerability exists in GetDIAEslogListParameters...

WordPress Quick Event Manager Plugin <= 9.7.4 is vulnerable to Broken Access Control

Software Quick Event Manager Type Plugin Vulnerable versions = 9.7.4 Fixed in 9.7.5 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-23975 Patch priority Low CVSS severity Low 5.3 Developer Fullworks Plugins PSID 7294748abf10 Credits yuyudhn Required...

CVE-2022-23975

creationtimestamp| type| source ---|---|--- 2022-04-18 20:29:38+00:00| seen| https://t.me/cibsecurity/41039...

CVE-2022-23975

Cross-Site Request Forgery CSRF in Access Demo Importer = 1.0.7 on WordPress allows an attacker to activate any installed plugin...

CVE-2022-23975

CVE-2022-23975 affects the WordPress Access Demo Importer plugin (versions

Mozilla Firefox Security Advisory (MFSA2021-07) - Linux

The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2021-07. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

CVE-2021-23975

The developer page about:memory has a Measure function for exploring what object types the browser has allocated and their sizes. When this function was invoked we incorrectly called the sizeof function, instead of using the API method that checks for invalid pointers. This vulnerability affects...

CVE-2021-23975

The developer page about:memory has a Measure function for exploring what object types the browser has allocated and their sizes. When this function was invoked we incorrectly called the sizeof function, instead of using the API method that checks for invalid pointers. This vulnerability affects...