Lucene search
K

25 matches found

Packet Storm
Packet Storm
added 2025/12/03 12:0 a.m.156 views

📄 MobileDetect 2.8.31 Cross Site Scripting

MobileDetect version 2.8.31 suffers from a cross site scripting vulnerability. Exploit Title: MobileDetect 2.8.31 - Cross-Site Scripting XSS Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/serbanghita/Mobile-Detect/ Software Link:...

6.1CVSS6.4AI score0.02634EPSS
Exploits2
Exploit DB
Exploit DB
added 2025/12/03 12:0 a.m.168 views

MobileDetect 2.8.31 - Cross-Site Scripting (XSS)

Exploit Title: MobileDetect 2.8.31 - Cross-Site Scripting XSS Date: 2025-11-25 Exploit Author: CodeSecLab Vendor Homepage: https://github.com/serbanghita/Mobile-Detect/ Software Link: https://github.com/serbanghita/Mobile-Detect/ Version: 4da80e5 Tested on: Windows CVE : CVE-2018-25080 Proof Of...

6.1CVSS4.8AI score0.02634EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/05/23 1:25 a.m.6 views

CVE-2022-25080

TOTOLink A830R V5.9c.4729B20191112 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

9.8CVSS8.6AI score0.0322EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:29 p.m.5 views

CVE-2018-25080

A vulnerability, which was classified as problematic, has been found in MobileDetect 2.8.31. This issue affects the function initLayoutType of the file examples/sessionexample.php of the component Example. The manipulation of the argument $SERVER'PHPSELF' leads to cross site scripting. The attack...

6.1CVSS6.2AI score0.02634EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2025/02/07 10:11 a.m.10 views

CVE-2025-25080 WordPress Kona Gallery Block plugin <= 1.7 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gubbigubbi Kona Gallery Block kona-instagram-feed-for-gutenberg allows Stored XSS.This issue affects Kona Gallery Block: from n/a through = 1.7...

6.5CVSS8.6AI score0.00264EPSS
Exploits0References1
CVE
CVE
added 2025/02/07 10:11 a.m.50 views

CVE-2025-25080

CVE-2025-25080 is a stored XSS in the WordPress Kona Gallery Block (versions up to 1.7). The vulnerability arises from improper input neutralization during web page generation. Public records identify the affected software as Kona Gallery Block

6.5CVSS7.2AI score0.00264EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/07 10:11 a.m.27 views

CVE-2025-25080 WordPress Kona Gallery Block plugin <= 1.7 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gubbigubbi Kona Gallery Block kona-instagram-feed-for-gutenberg allows Stored XSS.This issue affects Kona Gallery Block: from n/a through = 1.7...

6.5CVSS0.00264EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/01 12:0 a.m.18 views

CVE-2024-25080

WebMail in Axigen 10.x before 10.3.3.62 allows XSS via the image attachment viewer...

5.8AI score0.00344EPSS
Exploits0References2
OSV
OSV
added 2023/11/14 7:15 p.m.2 views

CVE-2023-25080

Protection mechanism failure in some IntelR Distribution of OpenVINO toolkit software before version 2023.0.0 may allow an authenticated user to potentially enable information disclosure via local access...

5.5CVSS5.8AI score
Exploits0References1
NVD
NVD
added 2023/11/14 7:15 p.m.11 views

CVE-2023-25080

Protection mechanism failure in some IntelR Distribution of OpenVINO toolkit software before version 2023.0.0 may allow an authenticated user to potentially enable information disclosure via local access...

5.5CVSS0.00185EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/11/14 7:15 p.m.36 views

CVE-2023-25080

Protection mechanism failure in some IntelR Distribution of OpenVINO toolkit software before version 2023.0.0 may allow an authenticated user to potentially enable information disclosure via local access...

5.5CVSS6.1AI score0.00185EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/11/14 7:4 p.m.13 views

CVE-2023-25080

Protection mechanism failure in some IntelR Distribution of OpenVINO toolkit software before version 2023.0.0 may allow an authenticated user to potentially enable information disclosure via local access...

5.3CVSS5.3AI score0.00185EPSS
Exploits0References1
CVE
CVE
added 2023/11/14 7:4 p.m.46 views

CVE-2023-25080

CVE-2023-25080 affects Intel's OpenVINO toolkit before 2023.0.0, where a protection mechanism failure could allow an authenticated user to disclose information via local access. The issue is documented across multiple sources (e.g., Intel advisory INTEL-SA-00901 and Red Hat/NVD records) and targe...

5.5CVSS5AI score0.00185EPSS
Exploits0References1Affected Software1
Intel
Intel
added 2023/11/14 12:0 a.m.36 views

Intel® OpenVINO™ Software Advisory

Summary: Potential security vulnerabilities in some Intel® OpenVINO™ software may allow denial of service, information disclosure. Intel is releasing sotfware updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2023-25080 Description: Protection mechanism failur...

7.5CVSS6.2AI score0.00625EPSS
Exploits0
Circl
Circl
added 2023/02/04 12:21 p.m.6 views

CVE-2018-25080

creationtimestamp| type| source ---|---|--- 2023-02-04 12:21:21+00:00| seen| https://t.me/cibsecurity/57518 2025-04-16 14:56:40+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/12070 2025-12-04 21:02:32+00:00| seen|...

6.1CVSS4.6AI score0.02634EPSS
Exploits2References3
CVE
CVE
added 2023/02/04 7:57 a.m.67 views

CVE-2018-25080

MobileDetect 2.8.31 contains a cross-site scripting (XSS) vulnerability in the examples/session_example.php file (initLayoutType function) caused by improper handling of $_SERVER['PHP_SELF']. The vulnerability can be triggered remotely, and exploitation has been disclosed publicly. Upgrading to M...

6.1CVSS4.8AI score0.02634EPSS
Exploits2References6Affected Software1
Check Point Advisories
Check Point Advisories
added 2022/10/30 12:0 a.m.4 views

TOTOLink A860R Command Injection (CVE-2022-25076; CVE-2022-25078; CVE-2022-25079; CVE-2022-25080; CVE-2022-25081; CVE-2022-25082; CVE-2022-25083; CVE-2022-25084)

A command injection vulnerability exists in TOTOLink A860R. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

7.5CVSS5.3AI score0.24845EPSS
Exploits8
ATTACKERKB
ATTACKERKB
added 2022/02/24 3:15 p.m.86 views

CVE-2022-25080

TOTOLink A830R V5.9c.4729B20191112 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

9.8CVSS7.6AI score0.0322EPSS
In wildExploits1References2
NVD
NVD
added 2022/02/24 3:15 p.m.30 views

CVE-2022-25080

TOTOLink A830R V5.9c.4729B20191112 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERYSTRING parameter...

9.8CVSS0.0322EPSS
Exploits1References1
CVE
CVE
added 2022/02/22 10:44 p.m.195 views

CVE-2022-25080

CVE-2022-25080 affects TOTOLink A830R firmware, specifically version V5.9c.4729_B20191112, where the vulnerability is a command injection in the Main function. The issue allows remote attackers to execute arbitrary commands via the QUERY_STRING parameter, with impact described as potential remote...

9.8CVSS9.9AI score0.0322EPSS
In wildExploits1References1Affected Software1
Rows per page
Query Builder