17 matches found
CVE-2026-34752
Haraka is a Node.js mail server. Prior to version 3.1.4, sending an email with proto: as a header name crashes the Haraka worker process. This issue has been patched in version 3.1.4...
CVE-2026-34752
creationtimestamp| type| source ---|---|--- 2026-03-30 21:05:00+00:00| published-proof-of-concept| https://github.com/haraka/Haraka/security/advisories/GHSA-xph3-r2jf-4vp3 2026-04-02 20:45:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mik36k7qxu2q 2026-04-02 22:22:50+00:00| see...
MAL-2025-34752 Malicious code in terser-fork-cors-eridanus (npm)
The package terser-fork-cors-eridanus was found to contain malicious code...
CVE-2023-34752
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the lid parameter at admin/index.php?mode=settings=lang=edit...
CVE-2021-34752
A vulnerability in the CLI of Cisco FTD Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands with root privileges on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of...
CVE-2021-34752
creationtimestamp| type| source ---|---|--- 2024-11-15 19:07:54+00:00| seen| https://t.me/cvedetector/11127...
CVE-2024-34752
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in PluginOps Landing Page Builder allows Reflected XSS.This issue affects Landing Page Builder: from n/a through 1.5.1.8...
CVE-2024-34752 WordPress Landing Page Builder <= 1.5.1.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in PluginOps Landing Page Builder allows Reflected XSS.This issue affects Landing Page Builder: from n/a through 1.5.1.8...
CVE-2024-34752
CVE-2024-34752 corresponds to a Reflected XSS in Landing Page Builder for WordPress. The initial description and Red Hat/Wordfence references confirm: vulnerability is due to improper neutralization of input during web page generation, enabling Reflected XSS; affected software is Landing Page Bui...
CVE-2024-34752 WordPress Landing Page Builder <= 1.5.1.8 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in PluginOps Landing Page Builder allows Reflected XSS.This issue affects Landing Page Builder: from n/a through 1.5.1.8...
WordPress Landing Page Builder Plugin <= 1.5.1.8 is vulnerable to Cross Site Scripting (XSS)
Software Landing Page Builder Type Plugin Vulnerable versions = 1.5.1.8 Fixed in 1.5.1.9 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-34752 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d84e812a046a Credits Dimas Maulana Required...
CVE-2023-34752
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the lid parameter at admin/index.php?mode=settings&page=lang&action=edit...
CVE-2023-34752
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the lid parameter at admin/index.php?mode=settings&page=lang&action=edit...
CVE-2023-34752
Affected software: bloofoxCMS v0.5.2.1. Vulnerability: SQL injection via the lid parameter in admin/index.php?mode=settings&page=lang&action=edit. Root cause: unparameterized handling of the lid parameter. Impact: potentially unauthorized data exposure/editing and database manipulation as per sou...
CVE-2023-34752
bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the lid parameter at admin/index.php?mode=settings&page=lang&action=edit...
CVE-2025-34752
...
CVE-2025-34752
CVE-2025-34752 is rejected/not used and does not represent an active vulnerability entry.