18 matches found
CVE-2024-25594
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Savvy Wordpress Development MyWaze allows Stored XSS.This issue affects MyWaze: from n/a through 1.6...
CVE-2023-25594
creationtimestamp| type| source ---|---|--- 2025-02-27 15:29:44+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/5696...
CVE-2024-25594
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Savvy Wordpress Development MyWaze allows Stored XSS.This issue affects MyWaze: from n/a through 1.6...
CVE-2024-25594
CVE-2024-25594 is a stored XSS vulnerability in the WordPress plugin MyWaze . The issue affects versions up to and including 1.6 and arises from improper input handling in the plugin’s shortcode attributes, allowing injected scripts to execute when pages are viewed. Public details confirm the vul...
CVE-2024-25594 WordPress MyWaze Plugin <= 1.6 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Savvy Wordpress Development MyWaze allows Stored XSS.This issue affects MyWaze: from n/a through 1.6...
WordPress MyWaze Plugin <= 1.6 is vulnerable to Cross Site Scripting (XSS)
Software MyWaze Type Plugin Vulnerable versions = 1.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-25594 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7c3e16f49118 Credits Ngô Thiên An ancorn from VNPT-VCI Required privileg...
CVE-2023-25594
A vulnerability in the web-based management interface of ClearPass Policy Manager allows an attacker with read-only privileges to perform actions that change the state of the ClearPass Policy Manager instance. Successful exploitation of this vulnerability allows an attacker to...
CVE-2023-25594
A vulnerability in the web-based management interface of ClearPass Policy Manager allows an attacker with read-only privileges to perform actions that change the state of the ClearPass Policy Manager instance. Successful exploitation of this vulnerability allows an attacker to...
CVE-2023-25594
CVE-2023-25594 concerns Aruba Networks ClearPass Policy Manager, where an attacker with read-only privileges can perform state-changing actions in the web-based management interface. The underlying issue is an authorization bypass that permits higher-impact operations than the attacker’s permissi...
CVE-2023-25594 Authorization Bypass Leading to Privilege Escalation in ClearPass Policy Manager Web-Based Management Interface
A vulnerability in the web-based management interface of ClearPass Policy Manager allows an attacker with read-only privileges to perform actions that change the state of the ClearPass Policy Manager instance. Successful exploitation of this vulnerability allows an attacker to...
CVE-2022-25594
creationtimestamp| type| source ---|---|--- 2022-04-07 22:50:05+00:00| seen| https://t.me/cibsecurity/40311...
CVE-2022-25594
CVE-2022-25594 concerns Microprogram’s Parking Lot Management System. The vulnerability enables an unauthorized remote attacker to input specific URLs to obtain partial system configuration information, leading to exposure of sensitive data. Documented as a network-accessible issue with low attac...
CVE-2022-25594 Microprogram parking lot management system - Exposure of Sensitive Information to an Unauthorized Actor
Microprogram’s parking lot management system is vulnerable to sensitive information exposure. An unauthorized remote attacker can input specific URLs to acquire partial system configuration information...
CVE-2020-25594
creationtimestamp| type| source ---|---|--- 2021-02-01 19:25:10+00:00| seen| https://t.me/cibsecurity/22896...
CVE-2020-25594
CVE-2020-25594 affects HashiCorp Vault and Vault Enterprise. The issue allowed unauthenticated HTTP requests to enumerate Secrets Engine mount paths. This was fixed in Vault 1.6.2 and Vault Enterprise 1.5.7. The connected sources confirm the vulnerability description and the remediation versions;...
CVE-2020-25594
HashiCorp Vault and Vault Enterprise allowed for enumeration of Secrets Engine mount paths via unauthenticated HTTP requests. Fixed in 1.6.2 & 1.5.7...
Microsoft SQL Server Distributed Management Objects buffer overflow
Added: 10/11/2007 CVE: CVE-2007-4814 BID: 25594 OSVDB: 38399 Background Microsoft SQL Server includes a Distributed Management Object model which offers a modern, object-oriented alternative to using stored procedures. The Distributed Management Object model is implemented by the sqldmo.dll Activ...
Microsoft SQL Server Distributed Management Objects buffer overflow
Added: 10/11/2007 CVE: CVE-2007-4814 BID: 25594 OSVDB: 38399 Background Microsoft SQL Server includes a Distributed Management Object model which offers a modern, object-oriented alternative to using stored procedures. The Distributed Management Object model is implemented by the sqldmo.dll Activ...