CVE-2026-35212 OpenCTI has XSS in the rendering of email-message observable body data

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Versions prior to 7.260227.0 are vulnerable to XSS in the rendering of email-message observable body data. The content of the body field isn't appropriately sanitized when being rendered. Does...

CVE-2022-35212

osCommerce2 before v2.3.4.1 was discovered to contain a cross-site scripting XSS vulnerability via the function tepdberror...

CVE-2021-35212

An SQL injection Privilege Escalation Vulnerability was discovered in the Orion Platform reported by the ZDI Team. A blind Boolean SQL injection which could lead to full read/write over the Orion database content including the Orion certificate for any authenticated user...

CVE-2024-35212

A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V1.2. The affected application lacks input validation due to which an attacker can gain access to the Database entries...

CVE-2024-35212

A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V1.2. The affected application lacks input validation due to which an attacker can gain access to the Database entries...

CVE-2024-35212

A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V1.2. The affected application lacks input validation due to which an attacker can gain access to the Database entries...

CVE-2024-35212

CVE-2024-35212 affects Siemens SINEC Traffic Analyzer (6GK8822-1BG01-0BA0) prior to V1.2. Root cause: insufficient input validation that could allow an attacker to access database entries. Mitigation: update to V1.2 or later (as noted in Siemens advisory/CSAF references). Other connected sources ...

CVE-2024-35212

A vulnerability has been identified in SINEC Traffic Analyzer 6GK8822-1BG01-0BA0 All versions V1.2. The affected application lacks input validation due to which an attacker can gain access to the Database entries...

CVE-2022-35212

creationtimestamp| type| source ---|---|--- 2022-08-19 00:22:52+00:00| seen| https://t.me/cibsecurity/48407...

SolarWinds Orion Platform 2019.2 HF4 / 2019.4.2 / 2020.2.5 HF1 / 2020.2.6 / 2020.2.6 SQLI

The version of SolarWinds Orion Platform installed on the remote host is prior to 2019.2 HF4 / 2019.4.2 / 2020.2.5 HF1 / 2020.2.6 / 2020.2.6. It is, therefore, affected by a vulnerability as referenced in the orionplatform202025hf120202620194220192hf4 advisory. - An SQL injection Privilege...

CVE-2021-35212

creationtimestamp| type| source ---|---|--- 2021-08-31 20:33:58+00:00| seen| https://t.me/cibsecurity/28118...

CVE-2021-35212

CVE-2021-35212 is a blind Boolean SQL injection vulnerability in SolarWinds Orion Platform. The issue could allow an authenticated attacker to perform full read/write access to the Orion database, including the Orion certificate. ZDI notes remote access for privilege escalation with authenticatio...

CVE-2021-35212 Blind SQL injection Vulnerability

An SQL injection Privilege Escalation Vulnerability was discovered in the Orion Platform reported by the ZDI Team. A blind Boolean SQL injection which could lead to full read/write over the Orion database content including the Orion certificate for any authenticated user...

moziloCMS Multiple Cross Site Scripting Vulnerabilities

The host is running moziloCMS and is prone to Multiple Cross Site Scripting Vulnerabilities OpenVAS Vulnerability Test $Id: gbmoziloCMSmultxssvuln.nasl 4869 2016-12-29 11:01:45Z teissa $ moziloCMS Multiple Cross Site Scripting Vulnerabilities Authors: Antu Sanadi Copyright: Copyright c 2009...