114 matches found
CVE-2025-3554
A vulnerability was found in phpshe 1.8. It has been rated as problematic. This issue affects some unknown processing of the file api.php?mod=cron&act=buyer. The manipulation of the argument act leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the...
CVE-2025-3554
| creationtimestamp | type | source |
|---|---|---|
| 2025-04-14 06:50:18+00:00 | seen | https://bsky.app/profile/potato.software/post/3lmqxvko7qj2t |
| 2025-04-14 06:53:45+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/11581 |
| 2025-04-14 10:28:50+00:00 | seen | https://t.me/cvedetector/228... |
CVE-2025-3554
Phpshe 1.8 is affected by CVE-2025-3554 due to improper handling of the act parameter in api.php?mod=cron&act=buyer, which enables cross-site scripting. The vulnerability is exploitable remotely. The PT-2025-16207 advisory confirms the issue and suggests remediation: restrict access to the api.ph...
Linux Distros Unpatched Vulnerability : CVE-2022-3554
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was n...
Linux Distros Unpatched Vulnerability : CVE-2014-3554
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the ndp_msg_opt_dnssl_domain function in libndp allows remote routers to cause a denial of service (crash) and possibly execute arbitrary code via ...
openSUSE Security Advisory (SUSE-SU-2024:3554-1)
The remote host is missing an update for the...
CGA-3554-HXC6-JJGW
Bulletin has no description...
CGA-CGX8-CGC6-3554
Bulletin has no description...
RHEL 8 : libx11 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - libX11: memory leak in XimRegisterIMInstantiateCallback of modules/im/ximcp/imsClbk.c (CVE-2022-3554) -...
RHEL 7 : libndp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libndp: buffer overflow flaw in DNS Search List (DNSSL) handling (CVE-2014-3554) Note that Nessus has not tested for th...
CVE-2024-3554 All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic <= 4.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 4.6.0 due to insufficient input sanitization and output escaping on...
CVE-2024-3554
CVE-2024-3554 is a stored XSS vulnerability in the All in One SEO – Best WordPress SEO Plugin (WordPress) up to version 4.6.0. Root cause: inadequate input sanitization and output escaping in shortcode attributes, allowing an attacker with contributor-level access or higher to inject arbitrary sc...
WordPress All In One SEO Pack Plugin <= 4.6.0 is vulnerable to Cross Site Scripting (XSS)
Software: All In One SEO Pack; Type: Plugin; Vulnerable versions: <= 4.6.0; Fixed in: 4.6.1.1; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-3554; Patch priority: Low; CVSS severity: Low (6.5); PSID: afa993c33fdc; Credits: Krzysztof Zając...
CVE-2023-3554
| creationtimestamp | type | source |
|---|---|---|
| 2023-07-10 20:24:02+00:00 | seen | https://t.me/cibsecurity/66259... |
CVE-2023-3554
A vulnerability was found in GZ Scripts GZ Forum Script 1.8 and classified as problematic. Affected by this issue is some unknown functionality of the file /preview.php. The manipulation of the argument catid/topicid/topic/topicmessage/freename leads to cross site scripting. The attack may be...
CVE-2023-3554
CVE-2023-3554 affects GZ Scripts GZ Forum Script 1.8. The vulnerability is in /preview.php, where manipulating the parameters catid, topicid, topic, topicmessage, or freename enables cross-site scripting. The issue can be exploited remotely. Connected sources corroborate the same description...
Huawei EulerOS: Security Advisory for libX11 (EulerOS-SA-2023-2038)
The remote host is missing an update for the Huawei EulerOS...
EulerOS Virtualization 2.11.0 : libX11 (EulerOS-SA-2023-2090)
According to the versions of the libX11 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further...
EulerOS Virtualization 2.11.1 : libX11 (EulerOS-SA-2023-2038)
According to the versions of the libX11 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further...
Huawei EulerOS: Security Advisory for libX11 (EulerOS-SA-2023-2090)
The remote host is missing an update for the Huawei EulerOS...