
22 matches found

RedhatCVE
added 2025/04/25 6:14 p.m. | 5 views

CVE-2025-32548

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in borisolhor Hamburger Icon Menu Lite allows Reflected XSS. This issue affects Hamburger Icon Menu Lite: from n/a through 1.0...

7.1 CVSS | 8.6 AI score | 0.00669 EPSS
Exploits: 0 | References: 1

NVD
added 2025/04/17 4:15 p.m. | 2 views

CVE-2025-32548

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in borisolhor Hamburger Icon Menu Lite allows Reflected XSS. This issue affects Hamburger Icon Menu Lite: from n/a through 1.0...

7.1 CVSS | 0.00669 EPSS
Exploits: 0 | References: 1

Vulnrichment
added 2025/04/17 3:47 p.m. | 7 views

CVE-2025-32548 WordPress Hamburger Icon Menu Lite Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in borisolhor Hamburger Icon Menu Lite allows Reflected XSS. This issue affects Hamburger Icon Menu Lite: from n/a through 1.0...

7.1 CVSS | 6.9 AI score | 0.00669 EPSS
Exploits: 0 | References: 1

Cvelist
added 2025/04/17 3:47 p.m. | 8 views

CVE-2025-32548 WordPress Hamburger Icon Menu Lite Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in borisolhor Hamburger Icon Menu Lite allows Reflected XSS. This issue affects Hamburger Icon Menu Lite: from n/a through 1.0...

7.1 CVSS | 0.00669 EPSS
Exploits: 0 | References: 1

Patchstack
added 2025/04/10 1:6 p.m. | 4 views

WordPress Hamburger Icon Menu Lite Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh in WordPress Plugin Hamburger Icon Menu Lite versions = 1.0...

7.1 CVSS | 6.9 AI score | 0.00669 EPSS
Exploits: 0 | Affected Software: 1

RedhatCVE
added 2025/02/05 11:10 p.m. | 45 views

CVE-2022-32548

An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field...

10 CVSS | 7.5 AI score | 0.65569 EPSS
Exploits: 2 | References: 1

CVE
added 2024/04/17 8:10 a.m. | 57 views

CVE-2024-32548

CVE-2024-32548 describes a stored XSS in Hideki Tanaka’s What’s New Generator for WordPress. The vulnerability stems from improper neutralization of input during web page generation, allowing attacker-supplied input to be stored and subsequently rendered in pages viewed by other users. Affected ...

5.9 CVSS | 5.2 AI score | 0.00124 EPSS
Exploits: 0 | References: 1

Cvelist
added 2024/04/17 8:10 a.m. | 18 views

CVE-2024-32548 WordPress What's New Generator plugin <= 2.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Hideki Tanaka What's New Generator allows Stored XSS. This issue affects What's New Generator: from n/a through 2.0.2...

5.9 CVSS | 5.9 AI score | 0.00124 EPSS
Exploits: 0 | References: 1

Patchstack
added 2024/04/15 12:0 a.m. | 11 views

WordPress What's New Generator Plugin <= 2.0.2 is vulnerable to Cross Site Scripting (XSS)

Software What's New Generator Type Plugin Vulnerable versions = 2.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32548 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 2836aca6492c Credits CatFather Required privilege...

5.9 CVSS | 6.6 AI score | 0.00124 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

GithubExploit
added 2023/10/27 8:58 a.m. | 1749 views

Exploit for Classic Buffer Overflow in Draytek Vigor3910_Firmware

CVE-2022-32548-RCE-POC DrayTek unauthenticated remote code exe...

10 CVSS | 10 AI score | 0.65569 EPSS
Exploits: 2

OSV
added 2023/06/13 10:15 a.m. | 0 views

CVE-2023-32548

OS command injection vulnerability exists in WPS Office version 10.8.0.6186. If a remote attacker who can conduct a man-in-the-middle attack connects the product to a malicious server and sends specially crafted data, an arbitrary OS command may be executed on the system where the product is...

8.1 CVSS | 5.9 AI score
Exploits: 0 | References: 2

Cvelist
added 2023/06/13 12:0 a.m. | 11 views

CVE-2023-32548

OS command injection vulnerability exists in WPS Office version 10.8.0.6186. If a remote attacker who can conduct a man-in-the-middle attack connects the product to a malicious server and sends specially crafted data, an arbitrary OS command may be executed on the system where the product is...

8.4 AI score | 0.01166 EPSS
Exploits: 0 | References: 2

CVE
added 2023/06/13 12:0 a.m. | 46 views

CVE-2023-32548

CVE-2023-32548 affects WPS Office version 10.8.0.6186. The OS command injection vulnerability can be triggered when a remote attacker, via a man-in-the-middle position, connects to a malicious server and sends specially crafted data, enabling arbitrary OS commands on the host. Exploitation detail...

8.1 CVSS | 8.1 AI score | 0.01166 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

SUSE CVE
added 2023/02/15 3:41 a.m. | 3 views

SUSE CVE-2021-32548

It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-8 package apport hooks, it could expose private data to other local users...

7.3 CVSS | 6.7 AI score | 0.00061 EPSS
Exploits: 0 | References: 3

CVE
added 2022/08/29 5:38 a.m. | 405 views

CVE-2022-32548

CVE-2022-32548 affects DrayTek Vigor routers (e.g., Vigor3910) with firmware prior to 4.3.1.1. The vulnerability is a buffer overflow in the web management interface at /cgi-bin/wlogin.cgi triggered by crafted input in the username or password fields (aa/ab), enabling unauthenticated remote code ...

10 CVSS | 9.6 AI score | 0.65569 EPSS
Exploits: 2 | References: 2 | Affected Software: 1

Check Point Advisories
added 2022/08/16 12:0 a.m. | 113 views

DrayTek Routers Buffer Overflow (CVE-2022-32548)

A buffer overflow vulnerability exists in DrayTek Routers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

7.6 AI score | 0.65569 EPSS
Exploits: 2

Circl
added 2022/08/04 3:13 p.m. | 0 views

CVE-2022-32548

| creationtimestamp | type | source |
|---|---|---|
| 2022-08-04 15:13:26+00:00 | seen | https://t.me/thehackernews/2443 |
| 2022-08-05 00:12:11+00:00 | seen | https://t.me/cibsecurity/47513 |
| 2022-08-26 15:00:04+00:00 | seen | https://t.me/poxek/2371 |
| 2022-10-07 14:26:04+00:00 | published-proof-of-concept | ... |

10 CVSS | 7.5 AI score | 0.65569 EPSS
Exploits: 2 | References: 10

Trellix
added 2022/08/03 12:0 a.m. | 111 views

Unauthenticated Remote Code Execution in a Wide Range of DrayTek Vigor Routers

Unauthenticated Remote Code Execution in a Wide Range of DrayTek Vigor Routers By Trellix · August 3, 2022 This story was written by Philippe Laulheret. Summary The Trellix Threat Labs Vulnerability Research team has found an unauthenticated remote code execution vulnerability, filed under...

10.4 AI score | 0.65569 EPSS
Exploits: 2

Trellix
added 2022/08/03 12:0 a.m. | 36 views

Unauthenticated Remote Code Execution in a Wide Range of DrayTek Vigor Routers

Unauthenticated Remote Code Execution in a Wide Range of DrayTek Vigor Routers By Trellix · August 3, 2022 This story was written by Philippe Laulheret. Summary The Trellix Threat Labs Vulnerability Research team has found an unauthenticated remote code execution vulnerability, filed under...

10 CVSS | 10 AI score | 0.65569 EPSS
Exploits: 2

CVE
added 2021/06/12 3:40 a.m. | 129 views

CVE-2021-32548

The CVE-2021-32548 issue affects the Ubuntu Apport component: read_file() in apport/hookutils.py can follow symbolic links or open FIFOs when invoked by the openjdk-8 package apport hooks, enabling a local attacker to view private data of other users. This matches the described impact of partial ...

7.3 CVSS | 5.8 AI score | 0.00061 EPSS
Exploits: 0 | References: 1 | Affected Software: 1