CVE-2024-27995 WordPress ARMember plugin <= 4.0.23 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Repute Infosystems ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup allows Stored XSS.This issue affects ARMember – Membership Plugin, Content Restrictio...

CVE-2024-27995

CVE-2024-27995 (ARMember) : The vulnerability is an authenticated (Administrator+) stored cross-site scripting flaw in Repute Infosystems ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup. The issue arises from improper neutralization of input during web...

CVE-2024-27995 WordPress ARMember plugin <= 4.0.23 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Repute Infosystems ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup allows Stored XSS.This issue affects ARMember – Membership Plugin, Content Restrictio...

WordPress ARMember Plugin <= 4.0.23 is vulnerable to Cross Site Scripting (XSS)

Software ARMember Type Plugin Vulnerable versions = 4.0.23 Fixed in 4.0.24 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-27995 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a530dd76b60e Credits Van Lyubov Required privilege Administrator...

CVE-2023-27995

creationtimestamp| type| source ---|---|--- 2023-04-11 20:23:43+00:00| seen| https://t.me/cibsecurity/61899...

CVE-2023-27995

A improper neutralization of special elements used in a template engine vulnerability in Fortinet FortiSOAR 7.3.0 through 7.3.1 allows an authenticated, remote attacker to execute arbitrary code via a crafted payload...

CVE-2023-27995

A improper neutralization of special elements used in a template engine vulnerability in Fortinet FortiSOAR 7.3.0 through 7.3.1 allows an authenticated, remote attacker to execute arbitrary code via a crafted payload...

CVE-2023-27995

Fortinet FortiSOAR is affected by CVE-2023-27995 due to improper neutralization of special elements used in a template engine. The vulnerability exists in FortiSOAR versions 7.3.0 through 7.3.1 and allows an authenticated, remote attacker to execute arbitrary code via a crafted payload in the tem...

Zoho ManageEngine Applications Manager SQL Injection (CVE-2020-27995)

A SQL injection vulnerability exists in the Zoho ManageEngine Applications Manager. The vulnerability is due to improper validation of user-supplied input in processing MyPage.do action...

CVE-2020-27995

SQL Injection in Zoho ManageEngine Applications Manager 14 before 14560 allows an attacker to execute commands on the server via the MyPage.do templateresid parameter...

CVE-2020-27995

SQL Injection in Zoho ManageEngine Applications Manager 14 before 14560 allows an attacker to execute commands on the server via the MyPage.do templateresid parameter...

CVE-2020-27995

CVE-2020-27995 affects Zoho ManageEngine Applications Manager 14.x prior to 14560. The vulnerability is an SQL injection in the MyPage.do action that allows an attacker to execute commands on the server via the template_resid parameter, caused by improper validation of user-supplied input. Impact...