14 matches found
CVE-2023-31038

creationtimestamp | type | source
---|---|---
2025-10-05 13:19:21+00:00 | seen | https://bsky.app/profile/ferramentaslinux.bsky.social/post/3m2h6rbd2hs2d...

CVE-2025-31038
Cross-Site Request Forgery (CSRF) vulnerability in Essential Marketer Essential Breadcrumbs essential-breadcrumbs allows Privilege Escalation. This issue affects Essential Breadcrumbs: from n/a through <= 1.1.1...
WordPress Essential Breadcrumbs plugin <= 1.1.1 - CSRF to Privilege Escalation vulnerability
CSRF to Privilege Escalation vulnerability discovered by LVT-tholv2k in WordPress Plugin Essential Breadcrumbs versions <= 1.1.1...
CVE-2025-31038
Cross-Site Request Forgery (CSRF) vulnerability in Essential Marketer Essential Breadcrumbs essential-breadcrumbs allows Privilege Escalation. This issue affects Essential Breadcrumbs: from n/a through <= 1.1.1...
CVE-2025-31038
CVE-2025-31038: Essential Breadcrumbs (Essential Marketer) suffers CSRF leading to privilege escalation in versions up to 1.1.1. Impacted software is WordPress plugin; CVSS 3.1 base score 8.8 (HIGH). Patch status not provided in the initial document; exploitation status not stated.
CVE-2025-31038 WordPress Essential Breadcrumbs plugin <= 1.1.1 - CSRF to Privilege Escalation vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Essential Marketer Essential Breadcrumbs essential-breadcrumbs allows Privilege Escalation. This issue affects Essential Breadcrumbs: from n/a through <= 1.1.1...
CVE-2025-31038 WordPress Essential Breadcrumbs plugin <= 1.1.1 - CSRF to Privilege Escalation vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Essential Marketer Essential Breadcrumbs essential-breadcrumbs allows Privilege Escalation. This issue affects Essential Breadcrumbs: from n/a through <= 1.1.1...
CVE-2023-31038
Summary (CVE-2023-31038): SQL injection in the Log4cxx ODBC appender allows injecting SQL into a database because input fields were not escaped in older releases. The vulnerability affected builds where ODBC support was present, the ODBCAppender was enabled, and user input was logged. It has been...
CVE-2023-31038
SQL injection in Log4cxx when using the ODBC appender to send log messages to a database. No fields sent to the database were properly escaped for SQL injection. This has been the case since at least version 0.9.0 (released 2003-08-06). Note that Log4cxx is a C++ framework, so only C++ applications...
Gogs < 0.12.9 Multiple Vulnerabilities
Gogs is prone to multiple vulnerabilities. Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can redistribu...
CVE-2022-31038

creationtimestamp | type | source
---|---|---
2022-06-09 20:33:41+00:00 | seen | https://t.me/cibsecurity/44127...

CVE-2022-31038 XSS vulnerability in repository issue list in Gogs
Gogs is an open source self-hosted Git service. In versions of gogs prior to 0.12.9 DisplayName does not filter characters input from users, which leads to an XSS vulnerability when directly displayed in the issue list. This issue has been resolved in commit 155cae1d which sanitizes DisplayName...
CVE-2022-31038
CVE-2022-31038 affects the Gogs self-hosted Git service. Versions prior to 0.12.9 allow an XSS vulnerability in the issue list caused by DisplayName not filtering user input when rendered. The issue is resolved by commit 155cae1d which sanitizes DisplayName before display. All users are advised t...
CVE-2021-31038
CVE-2021-31038 is rejected/not used; this candidate was withdrawn by the CVE program.