14 matches found
CVE-2023-24655
Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter under the Profile Update function...
CVE-2021-24655
The WP User Manager WordPress plugin before 2.6.3 does not ensure that the user ID to reset the password of is related to the reset key given. As a result, any authenticated user can reset the password to an arbitrary value of any user knowing only their ID, and gain access to their account...
CVE-2025-24655
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Wishlist wishlist allows Reflected XSS. This issue affects Wishlist: from n/a through <= 1.0.39...
CVE-2025-24655 WordPress Wishlist Plugin <= 1.0.39 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PickPlugins Wishlist wishlist allows Reflected XSS. This issue affects Wishlist: from n/a through <= 1.0.39...
CVE-2023-24655
Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter under the Profile Update function...
CVE-2023-24655
CVE-2023-24655 affects Simple Customer Relationship Management System v1.0. A SQL injection flaw exists in the Profile Update function via the name parameter, enabling potentially arbitrary SQL execution. The CVSS 3.1 vector indicates a network attack with no user interaction and requires no priv...
CVE-2023-24655
Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter under the Profile Update function...
CVE-2021-24655
creationtimestamp | type | source
---|---|---
2022-07-17 14:27:44+00:00 | seen | https://t.me/cibsecurity/46386...
CVE-2021-24655
The WP User Manager WordPress plugin (≤ 2.6.3) has a vulnerability where the password reset mechanism does not verify that the reset key maps to the targeted user ID. An authenticated attacker who knows a user’s ID can reset that user’s password to an arbitrary value, gaining account access. A pa...
CVE-2022-24655
creationtimestamp | type | source
---|---|---
2022-03-18 18:04:05+00:00 | seen | https://t.me/cibsecurity/39196...
CVE-2022-24655
A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication...
CVE-2022-24655
CVE-2022-24655 is a reported stack overflow vulnerability in the upnpd service affecting Netgear EX6100v1 (firmware 201.0.2.28), CAX80 (2.1.2.6), and DC112A (1.0.0.62). The root cause is a stack overflow in upnpd, which may allow execution of arbitrary code without authentication. Affected produc...
CVE-2020-24655
A race condition in the Twilio Authy 2-Factor Authentication application before 24.3.7 for Android allows a user to potentially approve/deny an access request prior to unlocking the application with a PIN on older Android devices effectively bypassing the PIN requirement...
CVE-2020-24655
The CVE-2020-24655 entry concerns the Twilio Authy 2-Factor Authentication Android app, affected only for versions prior to 24.3.7. A race condition could allow a user to approve or deny an access request before unlocking the app with a PIN on older Android devices, effectively bypassing the PIN ...