70 matches found
CVE-2026-3151
creationtimestamp | type | source
---|---|---
2026-02-25 16:20:09+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mfp3keqrzf2u...
CVE-2022-3151
The WP Custom Cursors WordPress plugin before 3.0.1 does not have a CSRF check in place when deleting cursors, which could allow attackers to make a logged-in admin delete arbitrary cursors via a CSRF attack...
CVE-2021-3151
i-doit before 1.16.0 is affected by Stored Cross-Site Scripting (XSS) issues that could allow remote authenticated attackers to inject arbitrary web script or HTML via CMONITORINGCONFIGTITLE, SM2CMONITORINGCONFIGTITLE, CMONITORINGCONFIGPATH, SM2CMONITORINGCONFIGPATH, CMONITORINGCONFIGADDRESS, or...
CVE-2022-3151
creationtimestamp | type | source
---|---|---
2025-05-14 16:33:40+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/16322...
CVE-2025-3151
creationtimestamp | type | source
---|---|---
2025-04-03 08:34:27+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/10192
2025-04-03 10:30:20+00:00 | published-proof-of-concept | Telegram/1I25B919ECLc1vSh30ihg8X7cKbpjPnpTQ9ze-2AsfaqM
2025-04-03 11:03:06+00:00 | seen | ...
CVE-2025-3151 SourceCodester Gym Management System signup.php sql injection
A vulnerability was found in SourceCodester Gym Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /signup.php. The manipulation of the argument username leads to SQL injection. The attack may be launched remotely. The exploit ha...
CVE-2024-3151
A vulnerability, which was classified as problematic, was found in Bdtask Multi-Store Inventory Management System up to 20240325. Affected is an unknown function of the file /stockmovment/stockmovment/delete/ of the component Stock Movement Page. The manipulation leads to cross-site request...
CVE-2024-3151 Bdtask Multi-Store Inventory Management System Stock Movement Page cross-site request forgery
A vulnerability, which was classified as problematic, was found in Bdtask Multi-Store Inventory Management System up to 20240325. Affected is an unknown function of the file /stockmovment/stockmovment/delete/ of the component Stock Movement Page. The manipulation leads to cross-site request...
CVE-2024-3151
CVE-2024-3151 affects Bdtask Multi-Store Inventory Management System (up to 20240325). The vulnerability is a cross-site request forgery in the Stock Movement Page, specifically the /stockmovment/stockmovment/delete/ endpoint, where an unknown function is manipulated to perform CSRF. It can be ex...
CentOS 7 : thunderbird (RHSA-2023:3151)
The remote CentOS Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:3151 advisory. - In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and...
Huawei EulerOS: Security Advisory for python-pip (EulerOS-SA-2023-3151)
The remote host is missing an update for the Huawei EulerOS...
CVE-2023-3151
CVE-2023-3151 affects SourceCodester Online Discussion Forum Site 1.0. The issue is a SQL injection in the logic handling the parameter id in the file manage_user.php (path variants seen as user/manage_user.php). The underlying root cause is manipulation of the id argument that allows arbitrary S...
Oracle Linux 7 : thunderbird (ELSA-2023-3151)
The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-3151 advisory. 102.11.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js - Enabled aarch64 build 102.11.0-1 - Update to...
RHEL 7 : thunderbird (RHSA-2023:3151)
The remote Red Hat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:3151 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.11.0. Security Fixes: Mozilla...
CVE-2022-3151 WP Custom Cursors < 3.0.1 - Arbitrary Cursor Deletion via CSRF
The WP Custom Cursors WordPress plugin before 3.0.1 does not have a CSRF check in place when deleting cursors, which could allow attackers to make a logged-in admin delete arbitrary cursors via a CSRF attack...
CVE-2022-3151
The CVE-2022-3151 entry concerns the WP Custom Cursors WordPress plugin prior to 3.0.1, which does not perform CSRF validation when deleting cursors. This lack of CSRF protection could allow an attacker to make a logged-in administrator delete arbitrary cursors via a CSRF attack. Affected software: WP Custom Curs...
org.apache.atlas:atlas-authorization (=0.7-incubating), org.apache.atlas:atlas-client (=0.7-incubating) +9 more potentially affected by CVE-2017-3151 via org.apache.atlas:atlas-common (=0.7-incubating)
org.apache.atlas:atlas-common MAVEN version =0.7-incubating is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.atlas:atlas-common and may be impacted: - org.apache.atlas:atlas-authorization =0.7-incubating - org.apache.atlas:atlas-client...
CentOS 8 : sssd (CESA-2021:3151)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2021:3151 advisory. - sssd: shell command injection in sssctl CVE-2021-3621 Note that Nessus has not tested for this issue but has instead relied only on the application's...
i-doit 1.15.2 Cross Site Scripting
Exploit Title: XSS for i-doit 1.15.2 in parameter viewMode from Infrastructure Author: @nu11secur1ty Testing and Debugging: @nu11secur1ty Date: 05.25.2021 Vendor: https://www.i-doit.org/news/ Link: https://www.i-doit.org/new-minor-release-i-doit-open-1-15-2/ From Github:...