CVE-2025-29011

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CHR Designer YouTube Simple Gallery youtube-simple-gallery allows Stored XSS.This issue affects YouTube Simple Gallery: from n/a through = 2.2.0...

CVE-2025-29011 WordPress YouTube Simple Gallery <= 2.2.0 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in CHR Designer YouTube Simple Gallery allows Stored XSS. This issue affects YouTube Simple Gallery: from n/a through 2.2.0...

CVE-2025-29011

CVE-2025-29011 affects the WordPress plugin YouTube Simple Gallery . The vulnerability is a stored XSS caused by improper input neutralization during web page generation, affecting versions up to 2.2.0. It requires at least Contributor+ authentication to exploit and, per Wordfence details, remain...

WordPress YouTube Simple Gallery plugin <= 2.2.0 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nguyen Thi Huyen Trang - Skalucy in WordPress Plugin YouTube Simple Gallery versions = 2.2.0...

CVE-2021-29011

DMA Softlab Radius Manager 4.4.0 is affected by Cross Site Scripting XSS via the description, name, or address field under admin.php...

CVE-2023-29011

creationtimestamp| type| source ---|---|--- 2024-11-06 18:36:43+00:00| seen| https://t.me/cibsecurity/62862...

CVE-2024-29011

Use of hard-coded password in the GMS ECM endpoint leading to authentication bypass vulnerability. This issue affects GMS: 9.3.4 and earlier versions...

CVE-2024-29011

SonicWall GMS Virtual Appliance (Windows) ECM endpoint is affected by CVE-2024-29011 due to a hard-coded credential in the ECMClientAuthenticator class, enabling authentication bypass. Affected: GMS versions 9.3.4 and earlier. Impact: remote authentication bypass; no public exploit details provid...

GitHub: CVE-2023-29011 The config file of `connect.exe` is susceptible to malicious placing

...

CVE-2023-29011

Summary of CVE-2023-29011 (Git for Windows): The Windows port of Git ships with connect.exe, a SOCKS5 proxy, which reads a config file at a hard-coded path (/etc/connectrc). On Windows this path is interpreted as C:\etc\connectrc, which an authenticated user on a multi-user system can create or m...

CVE-2023-29011 Git for Windows's config file of `connect.exe` is susceptible to malicious placing

Git for Windows, the Windows port of Git, ships with an executable called connect.exe, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of connect.exe's config file is hard-coded as...

KLA49048 Multiple vulnerabilities in Git for Windows

Multiple vulnerabilities were found in Git for Windows. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Out of bounds memory access vulnerability can be exploited to cause denial of service and...

CVE-2020-29011

creationtimestamp| type| source ---|---|--- 2021-08-04 21:23:51+00:00| seen| https://t.me/cibsecurity/26837...

CVE-2020-29011

Instances of SQL Injection vulnerabilities in the checksum search and MTA-quarantine modules of FortiSandbox 3.2.0 through 3.2.2, and 3.1.0 through 3.1.4 may allow an authenticated attacker to execute unauthorized code on the underlying SQL interpreter via specifically crafted HTTP requests...

CVE-2020-29011

CVE-2020-29011 describes SQL injection in Fortinet FortiSandbox (checksum search and MTA-quarantine modules) affecting FortiSandbox 3.2.0–3.2.2 and 3.1.0–3.1.4. The root cause is inadequate input filtering in these modules, allowing an authenticated attacker to execute arbitrary code on the under...

CVE-2021-29011

CVE-2021-29011 affects DMA Softlab Radius Manager 4.4.0 and is described as a Cross Site Scripting (XSS) vulnerability exploitable via the description, name, or address fields under admin.php. The connected documents corroborate an XSS issue with this version; CVSS metrics in the primary entry sh...