CVE-2026-3348

The MinhNhut Link Gateway plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's settings Description, Title, and other fields in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticat...

Linux Distros Unpatched Vulnerability : CVE-2021-3348

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nbdaddsocket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndbqueuerq use-after- free that could be triggered by local attackers with access...

CVE-2022-3348

Just like in the previous report, an attacker could steal the account of different users. But in this case, it's a little bit more specific, because it is needed to be an editor in the same app as the victim...

CVE-2025-3348

A vulnerability classified as critical was found in code-projects Patient Record Management System 1.0. This vulnerability affects unknown code of the file /editdpatient.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-3348

A vulnerability classified as critical was found in code-projects Patient Record Management System 1.0. This vulnerability affects unknown code of the file /editdpatient.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2025-3348

The CVE-2025-3348 entry affects code-projects Patient Record Management System 1.0. A SQL injection is triggered via the ID parameter in the vulnerable file /edit_dpatient.php (documented by NVD, Red Hat, CNVD, CNNVD, and others). The vulnerability is exploitable remotely and exploitation has bee...

CVE-2025-3348 code-projects Patient Record Management System edit_dpatient.php sql injection

A vulnerability classified as critical was found in code-projects Patient Record Management System 1.0. This vulnerability affects unknown code of the file /editdpatient.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been...

CVE-2024-3348

creationtimestamp| type| source ---|---|--- 2025-02-14 10:01:40+00:00| seen| Telegram/xorbuWjrNZyz04MfBdm0OhVk2R1Cn1DwTbjHORzH6y5Z9Re...

Photon OS 3.0: Linux PHSA-2021-3.0-0193

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0193. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

openSUSE: Security Advisory for postgresql15 (SUSE-SU-2023:3348-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-3348

creationtimestamp| type| source ---|---|--- 2023-08-03 18:40:20+00:00| seen| https://t.me/cibsecurity/67696...

@cfpreview/pages-e2e-test-runner-cli (>=0.0.9 <=0.0.25), @cloudflare/vite-plugin (>=0.0.0-0a9a26099 <=0.0.0-fec45ed61) +5 more potentially affected by CVE-2023-3348 via wrangler (>=0.0.0-a18155fb8 <=2.0.23)

wrangler NPM version =0.0.0-a18155fb8, =0.0.9, =0.0.0-0a9a26099, =0.0.1, =0.0.84-test.20250522015638, =1.0.0, =2.1.7 Source cves: CVE-2023-3348 Source advisory: OSV:GHSA-8C93-4HCH-XGXP...

CVE-2023-3348

The CVE-2023-3348 entry concerns the Cloudflare Wrangler CLI and its pages dev local development server. Affected components: Wrangler (&lt;=3.1.0) and Wrangler (

CVE-2023-3348 Directory traversal vulnerability in Cloudflare Wrangler

The Wrangler command line tool [email protected] or [email protected] was affected by a directory traversal vulnerability when running a local development server for Pages wrangler pages dev command. This vulnerability enabled an attacker in the same network as the victim to connect to the local...

SUSE CVE-2021-20207

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs:CVE-2021-3348. Reason: This candidate is a reservation duplicate of CVE-2021-3348. Notes: All CVE users should reference CVE-2021-3348 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental...

CVE-2022-3348

CVE-2022-3348 affects ToolJet/tooljet and is described as an information disclosure vulnerability. The connected records indicate an attacker who is an editor in the same app can steal another user’s account by accessing sensitive data such as the forgotten-password token via the Threads API endp...

CVE-2022-3348 Exposure of Sensitive Information to an Unauthorized Actor in tooljet/tooljet

Just like in the previous report, an attacker could steal the account of different users. But in this case, it's a little bit more specific, because it is needed to be an editor in the same app as the victim...

CVE-2022-3348 Exposure of Sensitive Information to an Unauthorized Actor in tooljet/tooljet

Just like in the previous report, an attacker could steal the account of different users. But in this case, it's a little bit more specific, because it is needed to be an editor in the same app as the victim...

CVE-2022-3348 Exposure of Sensitive Information to an Unauthorized Actor in tooljet/tooljet

Just like in the previous report, an attacker could steal the account of different users. But in this case, it's a little bit more specific, because it is needed to be an editor in the same app as the victim...

Mageia: Security Advisory (MGASA-2021-0061)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...