14 matches found
CVE-2026-24404
creationtimestamp| type| source ---|---|--- 2026-01-24 03:24:39+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3md5bc77w5e2n...
CVE-2026-24404
iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. In versions 2.3.1.1 and below, CIccXmlArrayType contains a Null Pointer Dereference and Undefined Behavior vulnerability. This occurs when user-controllable input is unsafely...
CVE-2025-24404
creationtimestamp| type| source ---|---|--- 2025-09-06 14:14:55+00:00| seen| https://seclists.org/oss-sec/2025/q3/152 2025-09-06 16:42:23+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3ly6mlrjpms2i 2025-09-09 10:07:17+00:00| seen|...
CVE-2023-24404
Reflected Cross-Site Scripting XSS vulnerability in VryaSage Marketing Performance plugin = 2.0.0 versions...
CVE-2021-24404
The options.php file of the WP-Board WordPress plugin through 1.1 beta accepts a postid parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. This is a time based SQLI and in the same function vulnerable parameter is passed twice so ...
CVE-2022-24404
CVE-2022-24404 describes a lack of ciphertext authentication in TETRA’s Air Interface Encryption (AIE)/TEA1, enabling an active attacker to perform bit-by-bit manipulations of the intercepted traffic (ciphertext malleability) and alter cleartext data. The root cause is absence of integrity/authen...
CVE-2023-24404 WordPress Marketing Performance Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)
Reflected Cross-Site Scripting XSS vulnerability in VryaSage Marketing Performance plugin = 2.0.0 versions...
CVE-2023-24404
CVE-2023-24404 : Affected product is the WordPress Marketing Performance plugin (
CVE-2023-24404 WordPress Marketing Performance Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)
Reflected Cross-Site Scripting XSS vulnerability in VryaSage Marketing Performance plugin = 2.0.0 versions...
WordPress Marketing Performance Plugin <= 2.0.0 is vulnerable to Cross Site Scripting (XSS)
Software Marketing Performance Type Plugin Vulnerable versions = 2.0.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-24404 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 68bd528dfd1b Credits Nithissh S Requir...
CVE-2021-24404
The options.php file of the WP-Board WordPress plugin through 1.1 beta accepts a postid parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. This is a time based SQLI and in the same function vulnerable parameter is passed twice so ...
CVE-2021-24404
The CVE-2021-24404 entry concerns the WP-Board WordPress plugin (versions up to 1.1 beta). The vulnerability is a SQL injection in options.php where the postid parameter is not sanitized, escaped, or validated before being inserted into a SQL statement. The issue is described as a time-based SQLi...
CVE-2021-24404 WP-Board <= 1.1 (beta) - Unauthenticated SQL Injection
The options.php file of the WP-Board WordPress plugin through 1.1 beta accepts a postid parameter which is not sanitised, escaped or validated before inserting to a SQL statement, leading to SQL injection. This is a time based SQLI and in the same function vulnerable parameter is passed twice so ...
CVE-2020-24404
Summary (CVE-2020-24404): Magento Open Source platforms 2.4.0 and 2.3.5p1 (and earlier) have an incorrect permissions vulnerability in the Integrations component. It can be exploited by users who have Pages resource permissions to delete CMS pages via the REST API without authorization, exposing ...