ECHO-3243-B479-706C

Bulletin has no description...

Amazon Linux 2 : libpng12, --advisory ALAS2-2026-3243 (ALAS-2026-3243)

The version of libpng12 installed on the remote host is prior to 1.2.50-10. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2026-3243 advisory. LIBPNG is a reference library for use in applications that read, create, and manipulate PNG Portable Network Graphics raster ima...

MINI-PJ26-3243-358V

Bulletin has no description...

CVE-2026-3243

creationtimestamp| type| source ---|---|--- 2026-04-08 13:16:11+00:00| seen| Telegram/w2JXUvOVbxOFgIv0sLZ9cDyiJ5at0tkdnYt2mHRiDRLUrQ 2026-04-08 14:40:52+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3miyjlj2voy2t 2026-04-09 10:59:57+00:00| seen|...

EUVD-2026-3243

A weakness has been identified in lcg0124 BootDo up to e93dd428ef6f5c881aa74d49a2099ab0cf1e0fcb. Affected is the function Save of the file /blog/bContent/save of the component ContentController. This manipulation of the argument content/author/title causes cross site scripting. Remote exploitatio...

Linux Distros Unpatched Vulnerability : CVE-2011-3243

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in WebKit, as used in Apple iOS before 5 and Safari before 5.1.1, allows remote attackers to inject arbitrary web script ...

CVE-2024-3243

The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the sendtestemail function in all versions up to, and including, 5.46.0. This makes it possible for authenticated attackers, with subscriber-level access and...

CVE-2022-3243

The Import all XML, CSV & TXT WordPress plugin before 6.5.8 does not properly sanitise and escape imported data before using them back SQL statements, leading to SQL injection exploitable by high privilege users such as admin...

CVE-2025-3243

creationtimestamp| type| source ---|---|--- 2025-04-04 11:39:06+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/10430 2025-04-04 13:07:27+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3llyicj7rl62o 2025-04-04 16:20:58+00:00| seen|...

CVE-2025-3243

CVE-2025-3243 affects Code-Projects Patient Record Management System 1.0. The issue resides in dental_form.php, where manipulation of itr_no/dental_no enables SQL injection. Attack can be remote, with public exploitation documented in connected sources (e.g., GitHub exploits). Affected software r...

CVE-2025-3243 code-projects Patient Record Management System dental_form.php sql injection

A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /dentalform.php. The manipulation of the argument itrno/dentalno leads to sql injection. The attack may be initiated remotely. The...

Linux Distros Unpatched Vulnerability : CVE-2017-3243

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Charsets. Supported versions that are affected are 5.5.53 and earlier. Difficu...

Linux Distros Unpatched Vulnerability : CVE-2015-3243

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rsyslog uses weak permissions for generating log files, which allows local users to obtain sensitive information by reading files in /var/log/cron. CVE-2015-324...

CVE-2024-3243

creationtimestamp| type| source ---|---|--- 2025-02-06 02:43:28+00:00| seen| Telegram/7T06nmpRqdt9Zh9mUom56JaFO9IaOtXeEhzhYhcC5H1DMk1I...

RHEL 6 / 7 : rh-mariadb100-mariadb (RHSA-2018:0279)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0279 advisory. MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The...

RHEL 7 : soappy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - SOAPpy: XML External Entity XXE flaw CVE-2014-3242 - SOAPpy 0.12.5 does not properly detect recursion...

RHEL 6 : soappy (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - SOAPpy: XML External Entity XXE flaw CVE-2014-3242 - SOAPpy 0.12.5 does not properly detect recursion...

CVE-2024-3243

The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the sendtestemail function in all versions up to, and including, 5.46.0. This makes it possible for authenticated attackers, with subscriber-level access and...

CVE-2024-3243

CVE-2024-3243 affects the Customer Reviews for WooCommerce plugin for WordPress. Root cause: a missing capability check in send_test_email(), enabling unauthorized email sending by authenticated users with subscriber-level access or higher. Affected versions: all versions up to and including 5.46...

CVE-2024-3243 Customer Reviews for WooCommerce <= 5.46.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Email Sending

The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the sendtestemail function in all versions up to, and including, 5.46.0. This makes it possible for authenticated attackers, with subscriber-level access and...