82 matches found
MINI-3578-8495-MPMW
Bulletin has no description...
GHSA-9G4H-H484-3578 vulnerabilities
Vulnerabilities for packages: splunk-otel-collector...
GHSA-9G4H-H484-3578 vulnerabilities
Vulnerabilities for packages: splunk-otel-collector-fips, splunk-otel-collector...
ECHO-A2B0-3578-53F2
Bulletin has no description...
CVE-2022-3578
The ProfileGrid WordPress plugin before 5.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...
CVE-2019-3578
MyBB 1.8.19 has XSS in the resetpassword function...
CVE-2025-3578
A malicious, authenticated user in Aidex, versions prior to 1.7, could list credentials of other users, create or modify existing users in the application, list credentials of users in production or development environments. In addition, it would be possible to cause bugs that would result in the...
CVE-2025-3578
creationtimestamp| type| source ---|---|--- 2025-04-15 11:00:22+00:00| seen| Telegram/E8pU4OKBqdPj2olmKcC8HhvLzrILjQ74eWGXkoWdIjgDWU 2025-04-15 12:32:16+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114341991949529927 2025-04-15 13:15:46+00:00| seen| https://t.me/cvedetector/22931...
CVE-2025-3578
A malicious, authenticated user in Aidex, versions prior to 1.7, could list credentials of other users, create or modify existing users in the application, list credentials of users in production or development environments. In addition, it would be possible to cause bugs that would result in the...
CVE-2025-3578
The CVE-2025-3578 vulnerability in Aidex affects versions prior to 1.7 and can be exploited by an authenticated user to list credentials of other users, create or modify users, and disclose sensitive information from production/development environments. It enables exfiltration of details about th...
CVE-2025-3578 Adversarial Input Handling Vulnerability in AiDex
A malicious, authenticated user in Aidex, versions prior to 1.7, could list credentials of other users, create or modify existing users in the application, list credentials of users in production or development environments. In addition, it would be possible to cause bugs that would result in the...
CVE-2023-3578 DedeCMS co_do.php server-side request forgery
A vulnerability classified as critical was found in DedeCMS 5.7.109. Affected by this vulnerability is an unknown functionality of the file codo.php. The manipulation of the argument rssurl leads to server-side request forgery. The exploit has been disclosed to the public and may be used. The...
CVE-2023-3578
CVE-2023-3578 concerns DedeCMS 5.7.109, where manipulation of the rssurl parameter in co_do.php triggers a server-side request forgery (SSRF). The Nuclei template confirms the vulnerability and notes potential impact including sensitive data exposure and possible server compromise. Remediation: a...
RHEL 8 : firefox (RHSA-2023:3578)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:3578 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...
CVE-2022-3578
The ProfileGrid WordPress plugin before 5.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...
CVE-2022-3578
The ProfileGrid WordPress plugin before 5.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...
CVE-2022-3578
The CVE-2022-3578 entry concerns the WordPress ProfileGrid plugin (versions before 5.1.1). The vulnerability is a Reflected Cross-Site Scripting caused by insufficient sanitisation/escaping of a parameter before it is echoed on pages. Impact as documented includes ability for an attacker to injec...
CVE-2022-3578 ProfileGrid < 5.1.1 - Reflected Cross-Site Scripting
The ProfileGrid WordPress plugin before 5.1.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...
ar.com.onready:spring-resttemplate-logger (=1.0.2), at.molindo.social:spring-social-config (=1.1.0.RELEASE) +923 more potentially affected by CVE-2014-3578 via org.springframework:spring-core (>=4.0.0.RELEASE <=4.0.4.RELEASE)
org.springframework:spring-core MAVEN version =4.0.0.RELEASE, =1.0.0, =0.9.0-1, =0.4, =1.4.0, =1.0.0, =0.0.2, =1.5.0.20171107, =1.6.1.20180301 - com.allenru:cross-origin =1.0.1 and more Source cves: CVE-2014-3578 Source advisory: OSV:GHSA-RHCG-RWHX-QJ3J...
Cisco Adaptive Security Appliance Software Software WebVPN Portal Access Rule Bypass (cisco-sa-asaftd-rule-bypass-P73ABNWQ)
According to its self-reported version, Cisco Adaptive Security Appliance Software is affected by a vulnerability. This vulnerability could allow an unauthenticated, remote attacker to bypass a configured access rule and access parts of the WebVPN portal that are supposed to be blocked. The...