ECHO-5A20-E6BA-3130

Bulletin has no description...

CVE-2026-3130

creationtimestamp| type| source ---|---|--- 2026-03-03 23:52:07+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mg6xlyzgu72x 2026-03-04 16:21:23+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mgaouy4lzp2s 2026-03-04 16:22:25+00:00| seen|...

CVE-2026-3130

Improper Enforcement of Behavioral Controls in Devolutions Server 2025.3.15 and earlier allows an authenticated attacker with the delete permission to delete a PAM account that is currently checked out by selecting it alongside at least one non-checked-out account and performing a bulk deletion...

CVE-2024-3130

Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local attacker to unauthorized access to sensitive data via Decryption algorithm and key obtained after decompiling app...

CVE-2023-3130

The Short URL WordPress plugin before 1.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2025-3130

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Obfuscate allows Stored XSS.This issue affects Obfuscate: from 0.0.0 before 2.0.1...

CVE-2025-3130

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Obfuscate allows Stored XSS.This issue affects Obfuscate: from 0.0.0 before 2.0.1...

CVE-2025-3130

creationtimestamp| type| source ---|---|--- 2025-04-02 21:34:07+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10141 2025-04-02 23:01:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lluikveyby2k 2025-04-03 01:01:19+00:00| seen| https://t.me/cvedetector/21915...

CVE-2025-3130 Obfuscate - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-029

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Obfuscate allows Stored XSS.This issue affects Obfuscate: from 0.0.0 before 2.0.1...

CVE-2025-3130

CVE-2025-3130 describes a stored XSS vulnerability in the Drupal Obfuscate module. The issue arises from improper input neutralization during web page generation, allowing stored cross-site scripting in Obfuscate versions before 2.0.1. Impact is to users who load pages containing obfuscated email...

CVE-2025-3130 Obfuscate - Moderately critical - Cross Site Scripting - SA-CONTRIB-2025-029

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal Obfuscate allows Stored XSS.This issue affects Obfuscate: from 0.0.0 before 2.0.1...

CVE-2022-3130

A vulnerability classified as critical has been found in codeprojects Online Driving School. This affects an unknown part of the file /login.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the...

CVE-2024-3130

Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local attacker to unauthorized access to sensitive data via Decryption algorithm and key obtained after decompiling app...

CVE-2024-3130 Insecure Data Storage leading to sensitive Information disclosure.

Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local attacker to unauthorized access to sensitive data via Decryption algorithm and key obtained after decompiling app...

CVE-2024-3130 Insecure Data Storage leading to sensitive Information disclosure.

Hard-coded Credentials in CoolKit eWeLlink app are before 5.4.x on Android and IOS allows local attacker to unauthorized access to sensitive data via Decryption algorithm and key obtained after decompiling app...

CVE-2023-3130

creationtimestamp| type| source ---|---|--- 2023-07-31 14:37:41+00:00| seen| https://t.me/cibsecurity/67444...

CVE-2023-3130

The Short URL WordPress plugin before 1.6.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-3130

CVE-2023-3130 affects the Short URL WordPress plugin prior to version 1.6.5. The vulnerability arises because the plugin does not adequately sanitise and escape certain settings, enabling a high-privilege user (e.g., an administrator) to perform Stored Cross-Site Scripting (XSS). This can occur e...

WordPress Short URL Plugin < 1.6.5 is vulnerable to Cross Site Scripting (XSS)

Software Short URL Type Plugin Vulnerable versions 1.6.5 Fixed in 1.6.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-3130 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 9ca4df5fae13 Credits Bob Matyas Required privilege...

SUSE CVE-2015-3130

Adobe Flash Player before 13.0.0.302 and 14.x through 18.x before 18.0.0.203 on Windows and OS X and before 11.2.202.481 on Linux, Adobe AIR before 18.0.0.180, Adobe AIR SDK before 18.0.0.180, and Adobe AIR SDK & Compiler before 18.0.0.180 allow attackers to execute arbitrary code or cause a deni...