22 matches found
CVE-2026-34652
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the...
CVE-2026-34652 Adobe Commerce | Dependency on Vulnerable Third-Party Component (CWE-1395)
Adobe Commerce versions 2.4.9-beta1, 2.4.8-p4, 2.4.7-p9, 2.4.6-p14, 2.4.5-p16, 2.4.4-p17 and earlier are affected by a Dependency on Vulnerable Third-Party Component vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the...
CVE-2024-34652
Incorrect authorization in kperfmon prior to SMR Sep-2024 Release 1 allows local attackers to access information related to performance including app usage...
PT-2025-34652 · Unknown · Rebuild 3.7.7
Name of the Vulnerable Software and Affected Versions: Rebuild version 3.7.7 Description: An incorrect access control issue exists in the prehandle function. This allows attackers to bypass authentication by sending a crafted GET request to the /commons/ip-location API endpoint. Recommendations:...
MAL-2025-34652 Malicious code in tedster (npm)
The package tedster was found to contain malicious code...
CVE-2023-34652
PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site Scripting XSS via Add New Course...
CVE-2024-34652
creationtimestamp| type| source ---|---|--- 2024-09-04 09:22:56+00:00| seen| https://t.me/cvedetector/4763...
CVE-2023-34652
PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site Scripting XSS via Add New Course...
CVE-2023-34652
PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site Scripting XSS via Add New Course...
CVE-2023-34652
PHPgurukl Hostel Management System v.1.0 is vulnerable to Cross Site Scripting XSS via Add New Course...
CVE-2023-34652
CVE-2023-34652 affects PHPgurukl Hostel Management System v1.0 with a Cross-Site Scripting (XSS) vulnerability in the Add New Course feature. Descriptions across sources indicate a (stored) XSS risk that could affect users, with CVSS 3.1 base score 6.1 (MEDIUM) from NVD; user interaction required...
CVE-2022-34652
A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the Live Schedules...
CVE-2022-34652
A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the Live Schedules...
CVE-2022-34652
WWBN AVideo multiple CVEs describe a SQL injection in ObjectYPT’s Live Schedules feature for version 11.6 and dev master commit 3f7c0364. The vulnerability arises from unsanitized input used to build SQL in ObjectYPT, Live_schedule and related classes (notably description/title fields) via insert...
CVE-2022-34652
A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. A specially-crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability.This vulnerability exists in the Live Schedules...
CVE-2021-34652
The Media Usage WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter in the /mmuadmin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.0.4...
CVE-2021-34652
The Media Usage WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter in the /mmuadmin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.0.4...
CVE-2021-34652 Media Usage <= 0.0.4 Reflected Cross-Site Scripting
The Media Usage WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter in the /mmuadmin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.0.4...
CVE-2021-34652
CVE-2021-34652 concerns the WordPress plugin Media Usage (versions up to and including 0.0.4). The vulnerability is a reflected Cross-Site Scripting (XSS) flaw present in the mmu_admin.php file, exploitable via the id parameter, enabling an attacker to inject arbitrary web scripts. The impact, pe...
Mozilla Firefox Input Validation Error Vulnerability (CNVD-2020-34652)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in versions of Mozilla Firefox prior to 76. An attacker could exploit the vulnerability to bypass content security policies...