71 matches found
Fortinet FortiOS < 5.6.0 - Cross-Site Scripting
A Cross-Site Scripting vulnerability in Fortinet FortiOS versions 5.6.0 and earlier allows attackers to execute unauthorized code or commands via the Replacement Message HTML for SSL-VPN. id: CVE-2017-3133 info: name: Fortinet FortiOS 5.6.0 - Cross-Site Scripting author: ritikchaddha severity:...
CVE-2026-3133

creationtimestamp | type | source
---|---|---
2026-02-25 01:26:56+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mfnjn5wcah24
2026-02-26 12:00:15+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mfr5ikfyig2l...

CVE-2026-3133 itsourcecode Document Management System Login loging.php sql injection
A vulnerability has been found in itsourcecode Document Management System 1.0. This issue affects some unknown processing of the file /loging.php of the component Login. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack is possible. The exploit ha...
CVE-2026-3133
CVE-2026-3133 affects itsourcecode Document Management System 1.0. The vulnerability arises in the Login component’s /loging.php when processing the Username argument, allowing a SQL injection. Exploitation is remote and has been disclosed publicly. Multiple sources (NVD, Red Hat, EUVD, CIRCL, CV...
Amazon Linux 2 : capstone, --advisory ALAS2-2026-3133 (ALAS-2026-3133)
The version of capstone installed on the remote host is prior to 3.0.5-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3133 advisory. Capstone is a disassembly framework. In versions 6.0.0-Alpha5 and prior, Skipdata length is not bounds-checked, so a user-provide...
MiracleLinux 7 : httpd24-httpd-2.4.34-23.el7.2 (AXSA:2022-3133:02)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3133:02 advisory. httpd: Errors encountered during the discarding of request body lead to HTTP request smuggling CVE-2022-22720 CVEs: CVE-2022-22720 Tenable has extracted the...
CVE-2021-3133
The Elementor Contact Form DB plugin before 1.6 for WordPress allows CSRF via backend admin pages...
CVE-2022-3133
OS Command Injection in GitHub repository jgraph/drawio prior to 20.3.0...
CVE-2018-3133

creationtimestamp | type | source
---|---|---
2023-11-15 16:53:23+00:00 | published-proof-of-concept | https://t.me/BABATATASASA/5991...

CVE-2023-3133 Tutor LMS < 2.2.1 - Unauthenticated Access to Tutor LMS Lesson Resources via REST API
The Tutor LMS WordPress plugin before 2.2.1 does not implement adequate permission checks for REST API endpoints, allowing unauthenticated attackers to access information from Lessons that should not be publicly available...
CVE-2023-3133
The CVE-2023-3133 entry concerns the Tutor LMS WordPress plugin (pre-2.2.1) where REST API endpoints do not perform adequate permission checks, allowing unauthenticated access to information from Lessons that should not be publicly available. Affected product: Tutor LMS WordPress plugin; vulnerab...
CVE-2023-3133 Tutor LMS < 2.2.1 - Unauthenticated Access to Tutor LMS Lesson Resources via REST API
The Tutor LMS WordPress plugin before 2.2.1 does not implement adequate permission checks for REST API endpoints, allowing unauthenticated attackers to access information from Lessons that should not be publicly available...
WordPress Tutor LMS Plugin < 2.2.1 is vulnerable to Broken Access Control
Software Tutor LMS Type Plugin Vulnerable versions 2.2.1 Fixed in 2.2.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-3133 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 46e68bdc901b Credits A. S. M. Muhiminul Hasan Required...
K74843522: MySQL vulnerabilities CVE-2016-9843, CVE-2018-3133, CVE-2018-3137, CVE-2018-3143, and CVE-2018-3144
Security Advisory Description CVE-2016-9843 The crc32big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation. CVE-2018-3133 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent:...
MariaDB 5.5.0 < 5.5.59 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 5.5.59. It is, therefore, affected by multiple vulnerabilities as referenced in the 5.5.59 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server : Partition. Supported versions that are affected...
MariaDB 10.2.0 < 10.2.12
The version of MariaDB installed on the remote host is prior to 10.2.12. It is, therefore, affected by a vulnerability as referenced in the 10.2.12 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Parser. Supported versions that are affected are 5.5.61...
MariaDB 10.0.0 < 10.0.34 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 10.0.34. It is, therefore, affected by multiple vulnerabilities as referenced in the 10.0.34 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.3...
CVE-2022-3133

creationtimestamp | type | source
---|---|---
2022-09-09 22:29:36+00:00 | seen | https://t.me/cibsecurity/49557...

CVE-2022-3133
OS Command Injection in GitHub repository jgraph/drawio prior to 20.3.0...
CVE-2022-3133
OS Command Injection in GitHub repository jgraph/drawio prior to 20.3.0...