CVE-2022-31088

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 the user name field at login could be used to enumerate LDAP data. This is only the case for LDAP search configuration. This issue has been fixed ...

Linux Distros Unpatched Vulnerability : CVE-2022-31088

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 the user...

CVE-2025-31088

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows Stored XSS.This issue affects Paid Member Subscriptions: from n/a through = 2.14.3...

CVE-2025-31088

creationtimestamp| type| source ---|---|--- 2025-03-28 10:28:18+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/9306 2025-03-28 13:33:56+00:00| seen| https://t.me/cvedetector/21400...

CVE-2025-31088

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows Stored XSS.This issue affects Paid Member Subscriptions: from n/a through = 2.14.3...

CVE-2025-31088 WordPress Paid Member Subscriptions plugin <= 2.14.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows Stored XSS.This issue affects Paid Member Subscriptions: from n/a through = 2.14.3...

CVE-2025-31088

CVE-2025-31088 is a stored XSS in Paid Membership Subscriptions (WordPress) caused by improper input neutralization during web page generation. Affected: Paid Membership Subscriptions up to version 2.14.3 (no fixed version specified in the provided docs). The description indicates stored XSS rath...

CVE-2025-31088 WordPress Paid Member Subscriptions plugin <= 2.14.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Cozmoslabs Paid Member Subscriptions paid-member-subscriptions allows Stored XSS.This issue affects Paid Member Subscriptions: from n/a through = 2.14.3...

WordPress AdsPlace'r – Ad Manager, Inserter, AdSense Ads Plugin <= 1.1.5 is vulnerable to Cross Site Scripting (XSS)

Software AdsPlace'r – Ad Manager, Inserter, AdSense Ads Type Plugin Vulnerable versions = 1.1.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-31088 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID f29b9c4efc4a Credits Dim...

CVE-2023-31088 WordPress Floating Action Button Plugin <=1.2.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Faraz Quazi Floating Action Button plugin = 1.2.1 versions...

CVE-2023-31088

CVE-2023-31088 concerns the WordPress plugin “Floating Action Button” (versions

CVE-2022-31088

creationtimestamp| type| source ---|---|--- 2022-06-28 00:35:12+00:00| seen| https://t.me/cibsecurity/45236...

CVE-2022-31088 Unauthenticated LDAP Injection in ldap-account-manager

LDAP Account Manager LAM is a webfrontend for managing entries e.g. users, groups, DHCP settings stored in an LDAP directory. In versions prior to 8.0 the user name field at login could be used to enumerate LDAP data. This is only the case for LDAP search configuration. This issue has been fixed ...

CVE-2022-31088

The CVE-2022-31088 issue affects LDAP Account Manager (LAM). In versions prior to 8.0, the username field at login could be used to enumerate LDAP data during LDAP search configuration. This is limited to enumeration during login and does not mention broader code execution paths. The vulnerabilit...

CVE-2021-31088

...

CVE-2021-31088

CVE-2021-31088 is rejected and does not represent an active vulnerability entry.

Product release: Virtuozzo Infrastructure Platform 3.5 Update 1 (3.5.1-43)

This update provides a new feature as well as fixes and improvements. Vulnerability id: VSTOR-30003 Unable to release node from cluster: 'Unable to send message to any node in ABGW cluster'. Vulnerability id: VSTOR-30135 No read/write data on dashboards if multipath is configured. Vulnerability i...