CVE-2026-23978

creationtimestamp| type| source ---|---|--- 2026-01-22 17:38:23+00:00| seen| https://gist.github.com/Darkcrai86/b5dfbf9071f596f9d7f847f7c6ebfd1c...

CVE-2026-23978

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Softwebmedia Gyan Elements gyan-elements allows PHP Local File Inclusion.This issue affects Gyan Elements: from n/a through = 2.2.1...

CVE-2025-23978

Cross-Site Request Forgery CSRF vulnerability in Ninos FlashCounter flashcounter allows Stored XSS.This issue affects FlashCounter: from n/a through = 1.1.8...

Linux Distros Unpatched Vulnerability : CVE-2021-23978

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mozilla developers reported memory safety bugs present in Firefox 85 and Firefox ESR 78.7. Some of these bugs showed evidence of memory corruption and we presum...

CVE-2025-23978

creationtimestamp| type| source ---|---|--- 2025-01-31 09:16:33+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgznztwskv2e...

CVE-2025-23978 WordPress FlashCounter plugin <= 1.1.8 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Ninos FlashCounter flashcounter allows Stored XSS.This issue affects FlashCounter: from n/a through = 1.1.8...

CVE-2025-23978 WordPress FlashCounter plugin <= 1.1.8 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Ninos FlashCounter flashcounter allows Stored XSS.This issue affects FlashCounter: from n/a through = 1.1.8...

CVE-2025-23978

CVE-2025-23978 details (FlashCounter WordPress plugin): CSRF leads to Stored XSS in FlashCounter, affecting versions up to 1.1.8. Connected sources confirm the vendor/plugin vulnerability and affected range, with no public patch/version fix provided in the supplied documents. Monitor for updates ...

CVE-2024-23978

creationtimestamp| type| source ---|---|--- 2024-02-02 08:31:36+00:00| seen| https://t.me/ctinow/177976 2024-02-25 08:06:47+00:00| seen| https://t.me/ctinow/192770...

CVE-2024-23978

CVE-2024-23978 affects HOME SPOT CUBE2 (V102 and earlier). The root cause is a heap-based buffer overflow triggered by processing invalid values, potentially allowing arbitrary code execution. The product is no longer supported, and the provided documents do not list a public fix. Some sources su...

CVE-2023-23978

Summary: CVE-2023-23978 affects the WordPress plugin “SwitchWP WP Client Reports” (WP Client Reports) and its vulnerable line is versions ≤ 1.0.16. The vulnerability is described as an exposure of sensitive information to an unauthorized actor. The Patchstack entry confirms a fix in version 1.0.1...

WordPress WP Client Reports Plugin <= 1.0.16 is vulnerable to Sensitive Data Exposure

Software WP Client Reports Type Plugin Vulnerable versions = 1.0.16 Fixed in 1.0.17 OWASP Top 10 A5: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2023-23978 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1a6f275a92fe Credits Rafshanzani Suhada...

Mageia: Security Advisory (MGASA-2021-0097)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Firefox Security Advisory (MFSA2021-07) - Linux

The remote host is missing an update for Mozilla Firefox, announced via the advisory MFSA2021-07. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-on...

SUSE SLES11 Security Update : MozillaFirefox (SUSE-SU-2021:14657-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14657-1 advisory. - If Content Security Policy blocked frame navigation, the full destination of a redirect served in the frame was reported in the violation...

SUSE: Security Advisory (SUSE-SU-2021:0659-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2021:14657-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple vulnerabilities in Mozilla Firefox affect IBM Cloud Pak for Multicloud Management Monitoring

Summary Multiple vulnerabilities in Mozilla Firefox affect IBM Cloud Pak for Multicloud Management Monitoring. Vulnerability Details CVEID: CVE-2021-23978 DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by memory safety bugs within the...

Security Bulletin: Multiple vulnerabilities of Mozilla Firefox (less than Firefox 78.9.0 ESR + CVE-2021-23978) have affected Synthetic Playback Agent 8.1.4.0-8.1.4 IF13 + CP4MCM2.2

Summary Synthetic Playback Agent has addressed the following vulnerabilities: CVE-2021-23978, CVE-2021-23968, CVE-2021-23969, CVE-2021-23973 Vulnerability Details CVEID: CVE-2021-23978 DESCRIPTION: Mozilla Firefox could allow a remote attacker to execute arbitrary code on the system, caused by...

Ubuntu: Security Advisory (USN-4936-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...