MINI-2665-28JF-CH7V

Bulletin has no description...

CVE-2026-2665

A vulnerability was detected in huanzi-qch base-admin up to 57a8126bb3353a004f3c7722089e3b926ea83596. Impacted is the function Upload of the file SysFileController.java of the component JSP Parser. Performing a manipulation of the argument File results in unrestricted upload. The attack can be...

MiracleLinux 4 : rh-mysql56-mysql-5.6.39-1.AXS4.1 (AXSA:2018-2638:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2638:01 advisory. mysql: sha256password authentication DoS via long password CVE-2018-2696 mysql: Server : Partition unspecified vulnerability CPU Jan 2018...

MiracleLinux 7 : rh-mysql56-mysql-5.6.39-1.el7.1 (AXSA:2018-2639:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2639:01 advisory. mysql: sha256password authentication DoS via long password CVE-2018-2696 mysql: Server : Partition unspecified vulnerability CPU Jan 2018...

CVE-2024-2665

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's button in all versions up to, and including, 4.10.27 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2023-2665

Storage of Sensitive Data in a Mechanism without Access Control in GitHub repository francoisjacquet/rosariosis prior to 11.0...

CVE-2022-2665

A vulnerability classified as critical was found in SourceCodester Simple E-Learning System. Affected by this vulnerability is an unknown functionality of the file classroom.php. The manipulation of the argument postid leads to sql injection. The attack can be launched remotely. The exploit has...

CVE-2025-2665

A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate th...

CVE-2025-2665 PHPGurukul Online Security Guards Hiring System bwdates-reports-details.php sql injection

A vulnerability was found in PHPGurukul Online Security Guards Hiring System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/bwdates-reports-details.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to initiate th...

CVE-2025-2665

The CVE-2025-2665 entry concerns PHPGurukul Online Security Guards Hiring System 1.0. The vulnerability is an SQL injection in the admin/bwdates-reports-details.php module, triggered by manipulation of the fromdate/todate parameters. It is possible to initiate the attack remotely, and the exploit...

Linux Distros Unpatched Vulnerability : CVE-2018-2665

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.5.58 and prior, 5.6.38 a...

CVE-2020-2665

Vulnerability in the Oracle iSupport product of Oracle E-Business Suite component: Others. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle iSupport...

Huawei EulerOS: Security Advisory for gdb (EulerOS-SA-2024-2665)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RHEL 6 / 7 : rh-mysql56-mysql (RHSA-2018:0587)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0587 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The...

WordPress Premium Addons for Elementor Plugin <= 4.10.27 is vulnerable to Cross Site Scripting (XSS)

Software Premium Addons for Elementor Type Plugin Vulnerable versions = 4.10.27 Fixed in 4.10.28 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2665 Patch priority Low CVSS severity Low 6.5 Developer LeapWorx PSID cacdff610a83 Credits Dau Hoang Tai...

CVE-2024-2665 Premium Addons for Elementor <= 4.10.27 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's button in all versions up to, and including, 4.10.27 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-2665

Premium Addons for Elementor (WordPress) is affected up to version 4.10.27. The flaw is a Stored XSS in the plugin’s button due to insufficient input sanitization and output escaping for user-supplied attributes. Exploitation requires authentication at Contributor level or higher and can allow ar...

CVE-2024-2665 Premium Addons for Elementor <= 4.10.27 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's button in all versions up to, and including, 4.10.27 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

Huawei EulerOS: Security Advisory for python-requests (EulerOS-SA-2023-2665)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cosign (SUSE-SU-2023:2665-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:2665-1 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's...