16 matches found
CVE-2021-33926
An issue in Plone CMS v. 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1rc2, 5.1rc1, 5.1b4, 5.1b3, 5.1b2, 5.1a2, 5.1a1, 5.1.7, 5.1.6, 5.1.5, 5.1.4, 5.1.2, 5.1.1, 5.1, 5.0rc3, 5.0rc2, 5.0rc1, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.10, 5.0.1, 5.0, 4.3.9, 4.3.8, 4.3.7, 4.3.6, 4.3.5, 4.3.4...
CVE-2024-33926 WordPress GWP-Histats plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Karl Kiesinger GWP-Histats allows Stored XSS. This issue affects GWP-Histats: from n/a through 1.0...
CVE-2024-33926
CVE-2024-33926 relates to the GWP-Histats WordPress plugin. Connected data confirms an authenticated (Contributor+) Stored XSS via GWP-Histats
WordPress GWP-Histats Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)
Software: GWP-Histats; Type: Plugin; Vulnerable versions: = 1.0; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting XSS; CVE: CVE-2024-33926; Patch priority: Low; CVSS severity: Low 6.5; Developer: Claim ownership; PSID: 0e72e427058e; Credits: Ngô Thiên An ancorn from VNPT-VCI; Required...
CVE-2023-33926
creationtimestamp | type | source
---|---|---
2023-05-29 00:30:32+00:00 | seen | https://t.me/cibsecurity/64752...
CVE-2023-33926
CVE-2023-33926 corresponds to a CSRF vulnerability in the WordPress plugin Easy Google Maps by Supsystic, affected versions
CVE-2021-33926
creationtimestamp | type | source
---|---|---
2023-02-17 20:13:27+00:00 | seen | https://t.me/cibsecurity/58455...
CVE-2021-33926
CVE-2021-33926 affects Plone CMS versions up to 5.2.4 (and prior 4.x/5.0-5.1 releases) due to a server-side request forgery (SSRF) flaw in the RSS feed portlet that allows an attacker to access sensitive internal information. The issue is triggered when processing RSS feed content, exposing inter...
CVE-2021-33926
An issue in Plone CMS v. 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1rc2, 5.1rc1, 5.1b4, 5.1b3, 5.1b2, 5.1a2, 5.1a1, 5.1.7, 5.1.6, 5.1.5, 5.1.4, 5.1.2, 5.1.1, 5.1, 5.0rc3, 5.0rc2, 5.0rc1, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.10, 5.0.1, 5.0, 4.3.9, 4.3.8, 4.3.7, 4.3.6, 4.3.5, 4.3.4...
CVE-2021-33926
An issue in Plone CMS v. 5.2.4, 5.2.3, 5.2.2, 5.2.1, 5.2.0, 5.1rc2, 5.1rc1, 5.1b4, 5.1b3, 5.1b2, 5.1a2, 5.1a1, 5.1.7, 5.1.6, 5.1.5, 5.1.4, 5.1.2, 5.1.1, 5.1, 5.0rc3, 5.0rc2, 5.0rc1, 5.0.9, 5.0.8, 5.0.7, 5.0.6, 5.0.5, 5.0.4, 5.0.3, 5.0.2, 5.0.10, 5.0.1, 5.0, 4.3.9, 4.3.8, 4.3.7, 4.3.6, 4.3.5, 4.3.4...
CVE-2022-33926
creationtimestamp | type | source
---|---|---
2022-08-10 20:26:02+00:00 | seen | https://t.me/cibsecurity/47863...
CVE-2022-33926
Dell Wyse Management Suite
CVE-2022-33926
Dell Wyse Management Suite 3.6.1 and below contains an improper access control vulnerability. A remote malicious user could exploit this vulnerability in order to retain access to a file repository after it has been revoked...
Dell Wyse Management Suite < 3.8 Multiple Vulnerabilities (DSA-2022-134)
The version of Dell Wyse Management Suite installed on the remote host is prior to 3.8. It is, therefore, affected by multiple vulnerabilities as referenced in the DSA-2022-134 advisory. - Wyse Management Suite 3.7 and earlier contains a Sensitive Data Exposure vulnerability. A low privileged...
CVE-2022-33926
Dell Wyse Management Suite 3.6.1 and below contains an improper access control vulnerability. A remote malicious user could exploit this vulnerability in order to retain access to a file repository after it has been revoked...
POP Peeper v3.4 UIDL Buffer Overflow
This module exploits a stack buffer overflow in POP Peeper v3.4. When a specially crafted UIDL string is sent to a client, an attacker may be able to execute arbitrary code. This module is based off of krakowlabs code. This module requires Metasploit: https://metasploit.com/download Current sourc...