18 matches found
CVE-2026-29109
SuiteCRM is an open-source, enterprise-ready Customer Relationship Management CRM software application. Versions up to and including 8.9.2 contain an unsafe deserialization vulnerability in the SavedSearch filter processing component that allows an authenticated administrator to execute arbitrary...
CVE-2024-29109
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jan-Peter Lambeck & 3UU Shariff Wrapper allows Stored XSS.This issue affects Shariff Wrapper: from n/a through 4.6.10...
CVE-2024-29109
creationtimestamp| type| source ---|---|--- 2024-03-19 16:26:36+00:00| seen| https://t.me/ctinow/211683...
CVE-2024-29109
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jan-Peter Lambeck & 3UU Shariff Wrapper allows Stored XSS.This issue affects Shariff Wrapper: from n/a through 4.6.10...
CVE-2024-29109 WordPress Shariff Wrapper plugin <= 4.6.10 - Contributor+ Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jan-Peter Lambeck & 3UU Shariff Wrapper allows Stored XSS.This issue affects Shariff Wrapper: from n/a through 4.6.10...
CVE-2024-29109 WordPress Shariff Wrapper plugin <= 4.6.10 - Contributor+ Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jan-Peter Lambeck & 3UU Shariff Wrapper allows Stored XSS.This issue affects Shariff Wrapper: from n/a through 4.6.10...
CVE-2024-29109
The CVE-2024-29109 entry affects the WordPress Shariff Wrapper plugin, with vulnerable versions listed as n/a through 4.6.10. The root cause is improper neutralization of input during web page generation, resulting in Stored XSS. The issue explicitly impacts Shariff Wrapper versions up to 4.6.10;...
CVE-2023-29109
creationtimestamp| type| source ---|---|--- 2023-04-11 07:23:19+00:00| seen| https://t.me/cibsecurity/61830...
CVE-2023-29109
The SAP Application Interface Framework Message Dashboard - versions AIF 703, AIFX 702, S4CORE 101, SAPBASIS 755, 756, SAPABA 75C, 75D, 75E, application allows an Excel formula injection. An authorized attacker can inject arbitrary Excel formulas into fields like the Tooltip of the Custom Hints...
CVE-2023-29109
CVE-2023-29109 affects SAP Application Interface Framework (Message Dashboard) across AIF 703, AIFX 702, S4CORE 101, SAP_BASIS 755/756, SAP_ABA 75C/75D/75E. The root cause is an Excel formula injection in fields such as the Tooltip of the Custom Hints List, which can execute when the victim opens...
CVE-2023-29109 Code Injection vulnerability in SAP Application Interface Framework (Message Dashboard)
The SAP Application Interface Framework Message Dashboard - versions AIF 703, AIFX 702, S4CORE 101, SAPBASIS 755, 756, SAPABA 75C, 75D, 75E, application allows an Excel formula injection. An authorized attacker can inject arbitrary Excel formulas into fields like the Tooltip of the Custom Hints...
CVE-2022-29109
creationtimestamp| type| source ---|---|--- 2022-05-11 00:43:02+00:00| seen| https://t.me/cibsecurity/42312...
CVE-2022-29109
CVE-2022-29109 affects Microsoft Excel and is described as a remote code execution vulnerability in Excel/Office components. The Open-related documents confirm affected products include Excel and Office Web Apps, with remediation via Microsoft security updates (e.g., KB5002205 for the Office Onli...
CVE-2022-29109 Microsoft Excel Remote Code Execution Vulnerability
...
CVE-2021-29109
creationtimestamp| type| source ---|---|--- 2021-10-01 18:15:26+00:00| seen| https://t.me/cibsecurity/29812...
CVE-2021-29109
A reflected XSS vulnerability in Esri Portal for ArcGIS version 10.9 and below may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the user’s browser...
CVE-2021-29109 A reflected XSS vulnerability in Esri Portal for ArcGIS version 10.9.
A reflected XSS vulnerability in Esri Portal for ArcGIS version 10.9 and below may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the user’s browser...
CVE-2021-29109
CVE-2021-29109 affects Esri Portal for ArcGIS (version 10.9 and earlier). The root cause is a lack of input validation/filtering that enables a reflected cross-site scripting (XSS) when a user clicks a crafted link, potentially allowing arbitrary JavaScript execution in the browser. Public refere...