MINI-2W58-9CPX-2578

Bulletin has no description...

CVE-2026-2578

creationtimestamp| type| source ---|---|--- 2026-02-17 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0176/...

CVE-2019-2578

Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware subcomponent: Advanced UI. The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Sites...

EUVD-2004-2578

Malware in sbrugna...

CVE-2023-2578

The Buy Me a Coffee WordPress plugin before 3.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2022-2578

A vulnerability, which was classified as critical, has been found in SourceCodester Garage Management System 1.0. This issue affects some unknown processing of the file /phpaction/createUser.php. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit...

CVE-2025-2578

creationtimestamp| type| source ---|---|--- 2025-03-28 08:27:38+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9292 2025-03-28 11:53:31+00:00| seen| https://t.me/cvedetector/21391 2025-03-28 23:41:08+00:00| seen| https://infosec.exchange/users/vuldb/statuses/114242700397855015 2025-03-28...

Amazon Linux 2 : edk2 (ALAS-2024-2578)

It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2578 advisory. EDK2 contains a vulnerability when S3 sleep is activated where an Attacker may cause a Division-By-Zero due to a UNIT32 overflow via local access. A successful exploit of this vulnerability may lead to a...

CVE-2024-2578

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPCoder WP Coder allows Stored XSS.This issue affects WP Coder: from n/a through 3.5...

CVE-2024-2578 WordPress WP Coder plugin <= 3.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPCoder WP Coder allows Stored XSS.This issue affects WP Coder: from n/a through 3.5...

CVE-2024-2578

CVE-2024-2578 affects WP Coder (WordPress plugin) with Stored XSS due to improper input handling during page generation in versions up to 3.5. A fix is available in 3.5.1; CVSS metrics vary by source (NVD v3.1 base score 4.8; PatchStack guidance lists ~5.9). No exploitation details are provided b...

CVE-2024-2578 WordPress WP Coder plugin <= 3.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPCoder WP Coder allows Stored XSS.This issue affects WP Coder: from n/a through 3.5...

WordPress WP Coder Plugin <= 3.5 is vulnerable to Cross Site Scripting (XSS)

Software WP Coder Type Plugin Vulnerable versions = 3.5 Fixed in 3.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-2578 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID fff15d41931f Credits LeNgocHoa Required privilege Editor Published 18...

CVE-2023-2578

The Buy Me a Coffee WordPress plugin before 3.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-2578 Buy Me a Coffee < 3.7 - Admin+ Stored XSS

The Buy Me a Coffee WordPress plugin before 3.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-2578

The CVE-2023-2578 entry concerns the WordPress plugin Buy Me a Coffee (pre-3.7). The issue is due to insufficient sanitization/escaping of certain settings, enabling Stored XSS for high-privilege users (e.g., admins) even when unfiltered_html is disallowed (such as in multisite). Impact is descri...

SUSE: Security Advisory (SUSE-SU-2023:2578-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : crash (SUSE-SU-2022:2578-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2022:2578-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C Tenable, Inc. The packa...

CVE-2022-2578 SourceCodester Garage Management System createUser.php access control

A vulnerability, which was classified as critical, has been found in SourceCodester Garage Management System 1.0. This issue affects some unknown processing of the file /phpaction/createUser.php. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit...

CVE-2022-2578 SourceCodester Garage Management System createUser.php access control

A vulnerability, which was classified as critical, has been found in SourceCodester Garage Management System 1.0. This issue affects some unknown processing of the file /phpaction/createUser.php. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit...