CVE-2026-29112

creationtimestamp| type| source ---|---|--- 2026-03-18 20:01:23+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhebpbng6g2s 2026-03-18 23:40:08+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mhenwhoyyt2a...

CVE-2023-29112

The SAP Application Interface Message Monitoring - versions 600, 700, allows an authorized attacker to input links or headings with custom CSS classes into a comment. The comment will render links and custom CSS classes as HTML objects. After successful exploitations, an attacker can cause limite...

CVE-2024-29112

creationtimestamp| type| source ---|---|--- 2024-03-19 16:26:39+00:00| seen| https://t.me/ctinow/211686...

CVE-2024-29112

CVE-2024-29112 is a stored XSS in the WooCommerce Google Feed Manager plugin for WordPress, affecting versions from 0 through 2.2.0. Root cause: improper neutralization of input during web page generation. Impact per sources: stored cross-site scripting that can be exploited by an authenticated u...

CVE-2024-29112 WordPress WooCommerce Google Feed Manager plugin <= 2.2.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Marketing Robot WooCommerce Google Feed Manager allows Stored XSS.This issue affects WooCommerce Google Feed Manager: from n/a through 2.2.0...

WordPress WooCommerce Google Feed Manager Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS)

Software WooCommerce Google Feed Manager Type Plugin Vulnerable versions = 2.2.0 Fixed in 2.3.0 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29112 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID a47ab0c3a92d Credits Joshua Chan Required...

CVE-2023-29112

creationtimestamp| type| source ---|---|--- 2023-04-11 07:23:04+00:00| seen| https://t.me/cibsecurity/61818...

CVE-2023-29112

The SAP Application Interface Message Monitoring - versions 600, 700, allows an authorized attacker to input links or headings with custom CSS classes into a comment. The comment will render links and custom CSS classes as HTML objects. After successful exploitations, an attacker can cause limite...

CVE-2023-29112 Code Injection vulnerability in SAP Application Interface Framework (Message Monitoring)

The SAP Application Interface Message Monitoring - versions 600, 700, allows an authorized attacker to input links or headings with custom CSS classes into a comment. The comment will render links and custom CSS classes as HTML objects. After successful exploitations, an attacker can cause limite...

CVE-2023-29112

CVE-2023-29112 affects SAP Application Interface Framework (Message Monitoring) versions 600 and 700. An authorized attacker can insert links or headings with custom CSS classes into a comment; the comment renders those links/classes as HTML objects, potentially resulting in limited impact on con...

CVE-2021-29112

creationtimestamp| type| source ---|---|--- 2022-08-12 23:23:08+00:00| seen| https://t.me/cibsecurity/48102...

CVE-2021-29112

An out-of-bounds read vulnerability exists when parsing a specially crafted file in Esri ArcReader 10.8.1 and earlier which allow an unauthenticated attacker to induce an information disclosure issue in the context of the current user...

CVE-2021-29112 Esri ArcReader PMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

An out-of-bounds read vulnerability exists when parsing a specially crafted file in Esri ArcReader 10.8.1 and earlier which allow an unauthenticated attacker to induce an information disclosure issue in the context of the current user...

CVE-2021-29112

CVE-2021-29112 affects Esri ArcReader 10.8.1 and earlier. The vulnerability is an out-of-bounds read during PMF file parsing that can disclose information to an unauthenticated attacker, under the context of the current user. Exploitation requires user interaction (per sources), and the issue is ...

Microsoft Windows Multiple Vulnerabilities (KB5014012)

This host is missing an important security update according to Microsoft KB5014012 SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

CVE-2022-29112

Windows Graphics Component Information Disclosure Vulnerability...

CVE-2022-29112

Technical details for CVE-2022-29112 are not provided in the supplied documents. OpenVAS references the CVE among others, but no product/impact/fix specifics are given here. Monitor for updates.

Apache HTTP Server 403 Error Page UTF-7 Encoded XSS

According to its banner, the version of Apache HTTP Server running on the remote host can be used in cross-site scripting XSS attacks. Making a specially crafted request can inject UTF-7 encoded script code into a 403 response page, resulting in XSS attacks. This is actually a web browser...