15 matches found
CVE-2026-24361
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThimPress LearnPress - Course Review learnpress-course-review allows Stored XSS.This issue affects LearnPress - Course Review: from n/a through = 4.1.9...
CVE-2021-24361
In the Location Manager WordPress plugin before 2.1.0.10, the AJAX action gdpopularlocationlist did not properly sanitise or validate some of its POST parameters, which are then used in a SQL statement, leading to unauthenticated SQL Injection issues...
CVE-2025-24361 Opening a malicious website while running a Nuxt dev server could allow read-only access to code
Nuxt is an open-source web development framework for Vue.js. Source code may be stolen during dev when using version 3.0.0 through 3.15.12 of the webpack builder or version 3.12.2 through 3.152 of the rspack builder and a victim opens a malicious web site. Because the request for classic script b...
CVE-2025-24361 Opening a malicious website while running a Nuxt dev server could allow read-only access to code
Nuxt is an open-source web development framework for Vue.js. Source code may be stolen during dev when using version 3.0.0 through 3.15.12 of the webpack builder or version 3.12.2 through 3.152 of the rspack builder and a victim opens a malicious web site. Because the request for classic script b...
CVE-2025-24361
The CVE-2025-24361 issue affects Nuxt (Vue.js) dev-server workflow: when using webpack (3.0.0–3.15.12) or rspack (3.12.2–3.152) builders, loading a malicious site can trigger source-code exposure. Attacker can use Function::toString on window.webpackChunknuxt_app values to reveal the Nuxt source....
CVE-2025-24361 Opening a malicious website while running a Nuxt dev server could allow read-only access to code
Nuxt is an open-source web development framework for Vue.js. Source code may be stolen during dev when using version 3.0.0 through 3.15.12 of the webpack builder or version 3.12.2 through 3.152 of the rspack builder and a victim opens a malicious web site. Because the request for classic script b...
CVE-2025-24361
creationtimestamp| type| source ---|---|--- 2025-01-24 23:51:19+00:00| published-proof-of-concept| https://github.com/nuxt/nuxt/security/advisories/GHSA-4gf7-ff8x-hq99 2025-01-25 00:57:37+00:00| seen| https://infosec.exchange/users/cve/statuses/113886275660665490 2025-01-25 01:05:09+00:00|...
CVE-2022-24361
Foxit PDF Reader 11.1.0.52543 is vulnerable to remote code execution due to improper validation during JPEG2000 image parsing, causing a write past the end of an allocated structure. The flaw allows an attacker to execute code in the current process context after the user visits a malicious page ...
CVE-2021-24361
In the Location Manager WordPress plugin before 2.1.0.10, the AJAX action gdpopularlocationlist did not properly sanitise or validate some of its POST parameters, which are then used in a SQL statement, leading to unauthenticated SQL Injection issues...
CVE-2021-24361
The CVE-2021-24361 issue affects WordPress GeoDirectory Location Manager (prior to 2.1.0.10). The vulnerability arises from insufficient sanitization/validation of POST parameters used in a SQL statement in the AJAX action gd_popular_location_list, enabling unauthenticated SQL injection. Multiple...
[SECURITY] [DLA 2393-1] snmptt security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2393-1 [email protected] https://www.debian.org/lts/security/ Abhijith PA October 01, 2020 https://wiki.debian.org/LTS -...
DEBIAN-CVE-2020-24361
SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknowntrapexec...
ALPINE-CVE-2020-24361
SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknowntrapexec...
CVE-2020-24361
SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknowntrapexec...
CVE-2020-24361
CVE-2020-24361 affects SNMPTT versions prior to 1.4.2, enabling remote code execution via SNMP traps (EXEC, PREXEC, or unknown_trap_exec). Evidence across multiple sources ties the vulnerability to SNMPTT’s trap handling, with Debian and other advisories noting that upgrades to fixed packages (e....