14 matches found
CVE-2024-29095
creationtimestamp | type | source
---|---|---
2024-03-19 17:26:54+00:00 | seen | https://t.me/ctinow/211730
2025-02-19 21:02:53+00:00 | seen | https://bsky.app/profile/beikokucyber.bsky.social/post/3likodtftbw2b...
CVE-2024-29095 WordPress Site Reviews plugin <= 6.11.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gemini Labs Site Reviews site-reviews. This issue affects Site Reviews: from n/a through <= 6.11.6...
CVE-2024-29095
CVE-2024-29095 affects the Site Reviews WordPress plugin (versions n/a through 6.11.6). The vulnerability is a Stored XSS arising from improper input neutralization during web page generation. Exploitation could allow an attacker to inject script that runs in a victim user’s browser; CVSS 3.1/3.1...
CVE-2024-29095 WordPress Site Reviews plugin <= 6.11.6 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gemini Labs Site Reviews site-reviews. This issue affects Site Reviews: from n/a through <= 6.11.6...
WordPress Site Reviews Plugin <= 6.11.6 is vulnerable to Cross Site Scripting (XSS)
Field | Value
---|---
Software | Site Reviews
Type | Plugin
Vulnerable versions | <= 6.11.6
Fixed in | 6.11.7
OWASP Top 10 | A3: Injection
Classification | Cross Site Scripting (XSS)
CVE | CVE-2024-29095
Patch priority | Low
CVSS severity | Low 5.9
Developer | Gemini Labs
PSID | ea55e6cb50a9
Credits | isacaya
Required privilege | Author
Published | ...
CVE-2023-29095
Auth. (admin+) SQL Injection (SQLi) vulnerability in David F. Carr RSVPMaker plugin < 10.5.5 versions...
CVE-2023-29095
The CVE-2023-29095 entry concerns the RSVPMaker WordPress plugin by David F. Carr. Affected versions are prior to 10.5.5 and the vulnerability is an SQL Injection in the RSVPMaker plugin that can be exploited with Administrator+ privileges. The issue is addressed in version 10.5.5 and later, whic...
CVE-2023-29095 WordPress RSVPMaker Plugin < 10.5.5 is vulnerable to SQL Injection
Auth. (admin+) SQL Injection (SQLi) vulnerability in David F. Carr RSVPMaker plugin < 10.5.5 versions...
WordPress RSVPMaker Plugin < 10.5.5 is vulnerable to SQL Injection
Field | Value
---|---
Software | RSVPMaker
Type | Plugin
Vulnerable versions | < 10.5.5
Fixed in | 10.5.5
OWASP Top 10 | A1: Injection
Classification | SQL Injection
CVE | CVE-2023-29095
Patch priority | Low
CVSS severity | Low 7.6
PSID | 4d11f7569f33
Credits | Rafi Priatna Kasbiantoro
Required privilege | ...
CVE-2022-29095
creationtimestamp | type | source
---|---|---
2022-06-11 00:35:01+00:00 | seen | https://t.me/cibsecurity/44230...
CVE-2022-29095
Dell SupportAssist Client contains a Cross-Site Scripting (XSS) vulnerability (CVE-2022-29095) in both Consumer (3.10.4 and earlier) and Commercial (3.1.1 and earlier) versions. A remote unauthenticated attacker could exploit this (under specific conditions) to execute malicious code on the targe...
CVE-2021-29095
Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 and earlier allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account...
CVE-2021-29095
Esri ArcGIS Server 10.8.1 (and earlier) is affected by multiple uninitialized pointer vulnerabilities when parsing a specially crafted file. An authenticated attacker with specialized permissions can achieve arbitrary code execution in the context of the service account. The issue is documented a...
CVE-2021-29095 ArcGIS Server image service and raster analytics security update: uninitialized pointer
Multiple uninitialized pointer vulnerabilities when parsing a specially crafted file in Esri ArcGIS Server 10.8.1 and earlier allows an authenticated attacker with specialized permissions to achieve arbitrary code execution in the context of the service account...