24 matches found
CVE-2026-32961
SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in packet data processing of sxsmpd. Processing a crafted packet may cause a temporary denial-of-service DoS condition...
CVE-2026-32961
SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in packet data processing of sxsmpd. Processing a crafted packet may cause a temporary denial-of-service DoS condition...
CVE-2026-32961
creationtimestamp| type| source ---|---|--- 2026-04-19 19:30:00+00:00| seen| https://jvn.jp/en/vu/JVNVU94271449 2026-04-21 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-10...
CVE-2024-32961
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in creativethemeshq Blocksy blocksy.This issue affects Blocksy: from n/a through = 2.0.33...
CVE-2021-32961
A getfile function in MDT AutoSave versions prior to v6.02.06 enables a user to supply an optional parameter, resulting in the processing of a request in a special manner. This can result in the execution of an unzip command and place a malicious .exe file in one of the locations the function loo...
CVE-2025-32961
creationtimestamp| type| source ---|---|--- 2025-04-22 21:09:22+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lngln25ir424 2025-04-22 22:35:36+00:00| seen| https://t.me/cvedetector/23555...
CVE-2025-32961 CUBA JPA Web API Vulnerable to Cross-Site Scripting (XSS) in the /download Endpoint
The Cuba JPA web API enables loading and saving any entities defined in the application data model by sending simple HTTP requests. Prior to version 1.1.1, the input parameter, which consists of a file path and name, can be manipulated to return the Content-Type header with text/html if the name...
CVE-2025-32961
The CVE-2025-32961 issue affects the Cuba JPA Web API (Cuba Platform add-on) prior to version 1.1.1, where an attacker could manipulate the input parameter (string with a file path/name) to cause the server to return a Content-Type of text/html for names ending in .html. This can enable execution...
CVE-2025-32961 CUBA JPA Web API Vulnerable to Cross-Site Scripting (XSS) in the /download Endpoint
The Cuba JPA web API enables loading and saving any entities defined in the application data model by sending simple HTTP requests. Prior to version 1.1.1, the input parameter, which consists of a file path and name, can be manipulated to return the Content-Type header with text/html if the name...
CVE-2024-32961
CVE-2024-32961 concerns Blocksy (Creative Themes HQ) with an authenticated Stored XSS via improper input neutralization during web page generation. Affected: Blocksy versions up to 2.0.33 (n/a). The CVE notes stored cross-site scripting vulnerability in the plugin/theme, and references indicate r...
CVE-2024-32961 WordPress Blocksy theme <= 2.0.33 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in creativethemeshq Blocksy blocksy.This issue affects Blocksy: from n/a through = 2.0.33...
CVE-2024-32961 WordPress Blocksy theme <= 2.0.33 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Creative Themes HQ Blocksy allows Stored XSS.This issue affects Blocksy: from n/a through 2.0.33...
Exploit for Cross-site Scripting in Zotpress_Project Zotpress
CVE-2023-32961 This repository is about XSS vulnerability in...
CVE-2023-32961
creationtimestamp| type| source ---|---|--- 2023-06-12 18:39:15+00:00| seen| https://t.me/cibsecurity/65135 2023-07-06 02:41:35+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/4692...
CVE-2023-32961
CVE-2023-32961 affects the WordPress Zotpress plugin by Katie Seaborn, specifically vulnerable in versions ≤ 7.3.3. The connected exploit details indicate an unauthenticated, reflected Cross‑Site Scripting (XSS) weakness in Zotpress, traced to the get_request_token path in zotpress/lib/admin/admi...
CVE-2023-32961 WordPress Zotpress Plugin <= 7.3.3 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Katie Seaborn Zotpress plugin = 7.3.3 versions...
CVE-2023-32961 WordPress Zotpress Plugin <= 7.3.3 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Katie Seaborn Zotpress plugin = 7.3.3 versions...
WordPress Zotpress Plugin <= 7.3.3 is vulnerable to Cross Site Scripting (XSS)
Software Zotpress Type Plugin Vulnerable versions = 7.3.3 Fixed in 7.3.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-32961 Patch priority Medium CVSS severity Medium 7.1 Developer Katie Seaborn PSID 1e1dc3c4b47a Credits LOURCODE Required privileg...
CVE-2022-32961
creationtimestamp| type| source ---|---|--- 2022-07-20 07:41:23+00:00| seen| https://t.me/cibsecurity/46624...
CVE-2022-32961
CVE-2022-32961 concerns HICOS’ client-side citizen digital certificate component, which has a stack-based buffer overflow when reading an IC card due to insufficient validation of token information parameter length. The vulnerability can be exploited by an unauthenticated, physical attacker to ex...