29 matches found
CVE-2026-30559
A Reflected Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the addsales.php file via the "msg" parameter. The application fails to sanitize the input, allowing remote attackers to inject arbitrary web script or HTML...
CVE-2024-30559
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Maurice Spin 360 deg and 3D Model Viewer allows Stored XSS.This issue affects Spin 360 deg and 3D Model Viewer: from n/a through 1.2.7...
CVE-2025-30559
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PluginsPoint Kento WordPress Stats kento-wp-stats allows Stored XSS.This issue affects Kento WordPress Stats: from n/a through = 1.1...
CVE-2025-30559
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PluginsPoint Kento WordPress Stats kento-wp-stats allows Stored XSS.This issue affects Kento WordPress Stats: from n/a through = 1.1...
CVE-2025-30559 WordPress Kento WordPress Stats plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PluginsPoint Kento WordPress Stats kento-wp-stats allows Stored XSS.This issue affects Kento WordPress Stats: from n/a through = 1.1...
CVE-2025-30559 WordPress Kento WordPress Stats plugin <= 1.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PluginsPoint Kento WordPress Stats kento-wp-stats allows Stored XSS.This issue affects Kento WordPress Stats: from n/a through = 1.1...
CVE-2025-30559
CVE-2025-30559 is an XSS in Kento WordPress Stats (stored XSS). Description confirms Cross-site Scripting due to improper input handling during web page generation. Affected: Kento WordPress Stats plugin (WordPress). No public details on exploited versions, root cause specifics beyond input neutr...
CVE-2024-30559
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Maurice Spin 360 deg and 3D Model Viewer allows Stored XSS.This issue affects Spin 360 deg and 3D Model Viewer: from n/a through 1.2.7...
CVE-2024-30559 WordPress Spin 360 deg and 3D Model Viewer plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Maurice Spin 360 deg and 3D Model Viewer allows Stored XSS.This issue affects Spin 360 deg and 3D Model Viewer: from n/a through 1.2.7...
CVE-2024-30559
CVE-2024-30559 is a cross-site scripting (Stored XSS) vulnerability reported in the Spin 360 deg and 3D Model Viewer WordPress plugin. The CVE entry notes the flaw affects Spin 360 deg and 3D Model Viewer versions from an unspecified baseline up to 1.2.7. The linked Red Hat entry reiterates the i...
WordPress Spin 360 deg and 3D Model Viewer Plugin <= 1.2.7 is vulnerable to Cross Site Scripting (XSS)
Software Spin 360 deg and 3D Model Viewer Type Plugin Vulnerable versions = 1.2.7 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-30559 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 26eafe92fc92 Credits LVT-tholv2k Required...
CVE-2023-30559
creationtimestamp| type| source ---|---|--- 2023-07-13 22:11:42+00:00| seen| https://t.me/cibsecurity/66689...
CVE-2023-30559 Wireless Card Firmware Improperly Signed
The firmware update package for the wireless card is not properly signed and can be modified...
CVE-2023-30559
CVE-2023-30559 affects BD Alaris Point-of-Care Unit (PCU) Model 8015 v12.1.3 and earlier. The vulnerability arises because the firmware update package for the wireless card is not properly signed and can be modified, enabling tampering before installation. The BD security bulletin notes CVE-2023-...
BD Alaris System with Guardrails Suite MX
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.2 ATTENTION : Low attack complexity Vendor : Becton, Dickinson and Company BD Equipment : Alaris PCU, Guardrails Editor, Systems Manager, Calculation Services, CQI Reporter Vulnerabilities : Insufficient Verification of Data Authenticity, Missing...
GLSA-202107-49 : Chromium, Google Chrome: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202107-49 Chromium, Google Chrome: Multiple vulnerabilities Multiple vulnerabilities have been discovered in chromium, and google-chrome. Please review the CVE identifiers referenced below for details. Impact : Please review the...
CVE-2021-30559
Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-30559
Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-30559
Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
CVE-2021-30559
CVE-2021-30559 is an out-of-bounds write in ANGLE within Chromium/Google Chrome prior to 91.0.4472.164. The issue could allow a remote attacker to trigger heap corruption via a crafted HTML page, enabling arbitrary code execution or crash. Affected component: ANGLE in the Chromium browser engine;...