
80 matches found

RedhatCVE
added 2026/03/26 3:3 p.m., 1 view

CVE-2026-3021

Non-relational SQL injection (NoSQLi) vulnerability in the Wakyma web application, specifically in the endpoint 'vets.wakyma.com/centro/equipo/empleado'. This vulnerability could allow an authenticated user to alter a GET request to the affected endpoint for the purpose of injecting special NoSQL...

CVSS 7.1, AI score 5.9, EPSS 0.00039
Exploits 0, References 1
EUVD
added 2026/01/16 12:30 a.m., 2 views

EUVD-2026-3021

EUVD-2026-3021...

CVSS 8.5, AI score 6.4, EPSS 0.00006
Exploits 1, References 5
OSV
added 2025/09/15 1:12 a.m., 1 view

ECHO-6284-3021-582F

Bulletin has no description...

CVSS 7.8, AI score 8.8, EPSS 0.00034
Exploits 0, References 1
Tenable Nessus
added 2025/09/10 12:0 a.m., 1 view

Linux Distros Unpatched Vulnerability : CVE-2011-3021

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use-after-free vulnerability in Google Chrome before 17.0.963.56 allows remote attackers to cause a denial of service or possibly have unspecified other impact...

CVSS 7.5, AI score 8.4, EPSS 0.02774
Exploits 1, References 2
Tenable Nessus
added 2025/08/27 12:0 a.m., 4 views

Linux Distros Unpatched Vulnerability : CVE-2019-3021

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.34 and prior t...

CVSS 6.5, AI score 7, EPSS 0.002
Exploits 0, References 2
RedhatCVE
added 2025/05/22 10:7 p.m., 4 views

CVE-2022-3021

The Slickr Flickr WordPress plugin through 2.8.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...

CVSS 4.8, AI score 6.2, EPSS 0.00238
Exploits 2, References 1
RedhatCVE
added 2025/05/22 10:33 a.m., 6 views

CVE-2019-3021

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

CVSS 6.5, AI score 6.5, EPSS 0.002
Exploits 0, References 1
RedhatCVE
added 2025/04/02 10:35 a.m., 12 views

CVE-2025-3021

Path Traversal vulnerability in e-solutions e-management. This vulnerability could allow an attacker to access confidential files outside the expected scope via the ‘file’ parameter in the /downloadReport.php endpoint...

CVSS 8.7, AI score 7.1, EPSS 0.00804
Exploits 0, References 3
NVD
added 2025/03/31 11:15 a.m., 10 views

CVE-2025-3021

Path Traversal vulnerability in e-solutions e-management. This vulnerability could allow an attacker to access confidential files outside the expected scope via the ‘file’ parameter in the /downloadReport.php endpoint...

CVSS 8.7, EPSS 0.00804
Exploits 0, References 1
Circl
added 2025/03/31 10:30 a.m., 5 views

CVE-2025-3021

| creationtimestamp | type | source |
|---|---|---|
| 2025-03-31 10:30:32+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/9625 |
| 2025-03-31 15:01:00+00:00 | seen | https://t.me/cvedetector/21589 |
| 2025-08-10 18:27:44+00:00 | seen | MISP/f2f93f16-9318-44b1-9be3-2d3346ca540c |
| 2025-09-10 07:47:56+00:00 | seen | ... |

CVSS 8.7, AI score 4.8, EPSS 0.00804
Exploits 0, References 2
CVE
added 2025/03/31 10:12 a.m., 80 views

CVE-2025-3021

CVE-2025-3021 is a path traversal vulnerability in e-solutions e-management. The issue allows an attacker to access confidential files outside the intended scope by manipulating the file parameter in the /downloadReport.php endpoint. The CVSS 4.0 base shows a high impact (8.7) with network attack...

CVSS 8.7, AI score 6.5, EPSS 0.00804
Exploits 0, References 1
Cvelist
added 2025/03/31 10:12 a.m., 10 views

CVE-2025-3021 Path Traversal vulnerability in e-management of e-solutions

Path Traversal vulnerability in e-solutions e-management. This vulnerability could allow an attacker to access confidential files outside the expected scope via the ‘file’ parameter in the /downloadReport.php endpoint...

CVSS 8.7, EPSS 0.00804
Exploits 0, References 1
NVD
added 2024/05/02 5:15 p.m., 6 views

CVE-2024-3021

The Mhr Post Ticker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Header Title value in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level acces...

CVSS 4.4, AI score 4.7, EPSS 0.00473
Exploits 0, References 3
CVE
added 2024/05/02 4:51 p.m., 49 views

CVE-2024-3021

The CVE-2024-3021 entry concerns the Mhr Post Ticker WordPress plugin. Reported vulnerability: Stored Cross-Site Scripting via the Header Title value in all versions up to and including 1.1, caused by insufficient input sanitization and output escaping. Impact is limited to multi-site WordPress i...

CVSS 4.4, AI score 5.7, EPSS 0.00473
Exploits 0, References 3
Patchstack
added 2024/04/30 12:0 a.m., 6 views

WordPress Mhr Post Ticker Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)

Software: Mhr Post Ticker; Type: Plugin; Vulnerable versions: <= 1.1; Fixed in: 1.2; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-3021; Patch priority: Low; CVSS severity: Low (5.9); PSID: cccfb15cd9da; Credits: Benedictus Jovan; Required...

CVSS 4.4, AI score 5.8, EPSS 0.00473
Exploits 0, References 3, Affected Software 1
Circl
added 2024/01/15 3:11 p.m., 2 views

CVE-2019-3021

| creationtimestamp | type | source |
|---|---|---|
| 2024-01-15 15:11:49+00:00 | seen | https://t.me/ctinow/168396... |

CVSS 6.5, AI score 7.1, EPSS 0.002
Exploits 0, References 1
Circl
added 2023/05/31 8:24 p.m., 0 views

CVE-2023-3021

| creationtimestamp | type | source |
|---|---|---|
| 2023-05-31 20:24:35+00:00 | seen | https://t.me/cibsecurity/64829 |
| 2025-01-09 21:15:16+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/1068... |

CVSS 5.4, AI score 4.6, EPSS 0.00307
Exploits 1, References 2
Cvelist
added 2023/05/31 12:0 a.m., 12 views

CVE-2023-3021 Cross-site Scripting (XSS) - Stored in mkucej/i-librarian-free

Cross-site Scripting (XSS) - Stored in GitHub repository mkucej/i-librarian-free prior to 5.10.4...

CVSS 4.1, AI score 5.5, EPSS 0.00307
Exploits 1, References 2
CVE
added 2023/05/31 12:0 a.m., 45 views

CVE-2023-3021

CVE-2023-3021 concerns the i-librarian-free web application (GitHub repo mkucej/i-librarian-free) and is a Stored XSS vulnerability present in versions prior to 5.10.4. The available connected data indicate a stored XSS issue in the application, with exploitation illustrated in a Huntr entry des...

CVSS 5.4, AI score 4.7, EPSS 0.00307
Exploits 1, References 2, Affected Software 1
OSV
added 2023/01/13 12:15 a.m., 1 view

CVE-2022-4616

The webserver in Delta DX-3021 versions prior to 1.24 is vulnerable to command injection through the network diagnosis page. This vulnerability could allow a remote unauthenticated user to add files, delete files, and change file permissions...

CVSS 9.1, AI score 5.8
Exploits 0, References 2