23 matches found
CVE-2026-25787
creationtimestamp| type| source ---|---|--- 2026-05-12 11:11:01+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mlnnpkhaew2g 2026-05-12 11:29:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlnor6rqcr2n 2026-05-13 13:51:56+00:00| seen|...
CVE-2026-25787
Affected devices do not properly validate and sanitize Technology Object TO name rendered on the "Motion Control Diagnostics" page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the...
CVE-2020-25787
An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. It does not validate all URLs before requesting them...
CVE-2022-25787
Information Exposure Through Query Strings in GET Request vulnerability in LMM API of Secomea GateManager allows system administrator to hijack connection. This issue affects: Secomea GateManager all versions prior to 9.7...
CVE-2023-25787
creationtimestamp| type| source ---|---|--- 2023-05-03 14:30:53+00:00| seen| https://t.me/cibsecurity/63207...
CVE-2023-25787
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Wbolt team WP资源下载管理 plugin = 1.3.9 versions...
CVE-2023-25787
CVE-2023-25787 affects the WordPress plugin WP资源下载管理 (Download Info Page) versions ≤ 1.3.9. It enables an authenticated administrator (admin+) to perform a Stored Cross-Site Scripting (XSS) attack due to insufficient sanitisation/escaping of certain settings within the plugin. The issue is rooted...
CVE-2023-25787 WordPress WP资源下载管理 Plugin <= 1.3.9 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Wbolt team WP资源下载管理 plugin = 1.3.9 versions...
CVE-2022-25787
creationtimestamp| type| source ---|---|--- 2022-05-04 18:35:09+00:00| seen| https://t.me/cibsecurity/41914...
CVE-2022-25787
Information Exposure Through Query Strings in GET Request vulnerability in LMM API of Secomea GateManager allows system administrator to hijack connection. This issue affects: Secomea GateManager all versions prior to 9.7...
CVE-2022-25787
The CVE concerns Secomea GateManager, specifically its LMM API: Information Exposure Through Query Strings in GET requests can leak information via the GATE LMM API, allowing a local attacker (or an admin) to hijack connections. Affected are all GateManager versions prior to 9.7. The root cause i...
MariaDB DoS Vulnerability (MDEV-25787) - Linux
MariaDB is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if...
Tiny Tiny RSS Remote Code Execution (CVE-2020-25787)
A remote code execution vulnerability exists in Tiny Tiny RSS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Tiny Tiny RSS - Remote Code Execution Exploit
Exploit Title: Tiny Tiny RSS - Remote Code Execution Exploit Author: Daniel Neagaru & Benjamin Nadarević Blog post: https://www.digeex.de/blog/tinytinyrss/ Software Link: https://git.tt-rss.org/fox/tt-rss Version: all before 2020-09-16 Commit with the fixes:...
TinyTinyRSS Remote Code Execution
!/usr/bin/env python3 Exploit Title: TinyTinyRSS remote code execution Date: 21 September 2020 made public Exploit Author: Daniel Neagaru & Benjamin Nadarević Blog post: https://www.digeex.de/blog/tinytinyrss/ Software Link: https://git.tt-rss.org/fox/tt-rss Version: all before 2020-09-16 Commit...
Tiny Tiny RSS - Remote Code Execution
Exploit Title: Tiny Tiny RSS - Remote Code Execution Date: 21/09/2020 Exploit Author: Daniel Neagaru & Benjamin Nadarević Blog post: https://www.digeex.de/blog/tinytinyrss/ Software Link: https://git.tt-rss.org/fox/tt-rss Version: all before 2020-09-16 Commit with the fixes:...
CVE-2020-25787
creationtimestamp| type| source ---|---|--- 2020-12-31 19:27:18+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/1810 2021-09-21 06:42:51+00:00| published-proof-of-concept| https://t.me/pwnwikizhchannel/133 2024-11-14 06:08:16+00:00| seen|...
FreeBSD : tt-rss -- multiple vulnerabilities (2eec1e85-faf3-11ea-8ac0-4437e6ad11c4)
tt-rss project reports : The cachedurl feature mishandles JavaScript inside an SVG document. imgproxy in plugins/afproxyhttp/init.php mishandles $REQUEST'url' in an error message. It does not validate all URLs before requesting them. Allows remote attackers to execute arbitrary PHP code via a...
DEBIAN-CVE-2020-25787
An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. It does not validate all URLs before requesting them...
CVE-2020-25787
An issue was discovered in Tiny Tiny RSS aka tt-rss before 2020-09-16. It does not validate all URLs before requesting them...