14 matches found
CVE-2021-32639
Emissary is a P2P-based, data-driven workflow engine. Emissary version 6.4.0 is vulnerable to Server-Side Request Forgery SSRF. In particular, the RegisterPeerAction endpoint and the AddChildDirectoryAction endpoint are vulnerable to SSRF. This vulnerability may lead to credential leaks. Emissary...
CVE-2025-32639
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wecantrack Affiliate Links Lite affiliate-links allows Reflected XSS.This issue affects Affiliate Links Lite: from n/a through = 3.1.0...
CVE-2025-32639 WordPress Affiliate Links plugin <= 3.1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wecantrack Affiliate Links Lite allows Reflected XSS. This issue affects Affiliate Links Lite: from n/a through 3.1.0...
CVE-2025-32639
CVE-2025-32639 corresponds to a Reflected Cross-Site Scripting vulnerability in the WordPress plugin Affiliate Links Lite (Affiliate Links: WordPress Plugin for Link Cloaking and Link Management). Affected range: from n/a through 3.1.0. The CVE entry notes improper neutralization of input during ...
WordPress Affiliate Links plugin <= 3.1.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Dimas Maulana in WordPress Plugin Affiliate Links Lite versions = 3.1.0...
CVE-2023-32639
creationtimestamp| type| source ---|---|--- 2023-07-25 07:26:46+00:00| seen| https://t.me/cibsecurity/67202...
CVE-2023-32639
Applicant Programme Ver.7.06 and earlier improperly restricts XML external entity references XXE. By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker...
CVE-2023-32639
Applicant Programme Ver.7.06 and earlier improperly restricts XML external entity references XXE. By processing a specially crafted XML file, arbitrary files on the system may be read by an attacker...
CVE-2023-32639
CVE-2023-32639 affects the Ministry of Justice’s Applicant Programme, specifically versions 7.06 and earlier . The root cause is improper restriction of XML External Entity (XXE) references , allowing processing of a crafted XML file to read arbitrary files on the system. Impact is high confident...
CVE-2022-32639
creationtimestamp| type| source ---|---|--- 2023-01-04 00:17:29+00:00| seen| https://t.me/cibsecurity/55826...
CVE-2022-32639
In watchdog, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494487; Issue ID: ALPS07494487...
CVE-2022-32639
CVE-2022-32639 concerns watchdog with an out-of-bounds read caused by a missing bounds check. The vulnerability enables local escalation of privilege to System execution level; exploitation does not require user interaction. Patch ID ALPS07494487 is cited in the records. Current connected documen...
CVE-2021-32639
Emissary is a P2P-based, data-driven workflow engine. Emissary version 6.4.0 is vulnerable to Server-Side Request Forgery SSRF. In particular, the RegisterPeerAction endpoint and the AddChildDirectoryAction endpoint are vulnerable to SSRF. This vulnerability may lead to credential leaks. Emissary...
realestate.co.nz XSS vulnerability
Vulnerable URL: http://www.realestate.co.nz/residential/search/keywords/%3C%2Fscript%3E%3Csvg+onload%3Dalert%28%2FOPENBUGBOUNTY%2F%29%3E Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:| 28.07.2017 11:34 GMT Vulnerability type:| XSS Vulnerability status:|...