15 matches found
CVE-2021-36712
Cross Site Scripting XSS vulnerability in yzmcms 6.1 allows attackers to steal user cookies via image clipping function...
CVE-2023-36712
Windows Kernel Elevation of Privilege Vulnerability...
CVE-2023-36712
Technical details for CVE-2023-36712 are not publicly disclosed in the provided connected documents. Based on available records, no affected products, root cause, or remediation are specified here. Monitor for updates from official advisories.
CVE-2023-36712 Windows Kernel Elevation of Privilege Vulnerability
...
CVE-2020-36712
The Kali Forms plugin for WordPress is vulnerable to Unauthenticated Arbitrary Post Deletion in versions up to, and including, 2.1.1. This is due to the kaliformsformdeleteuploadedfile function lacking any privilege or user protections. This makes it possible for unauthenticated attackers to dele...
CVE-2020-36712 Kali Forms <= 2.1.1 - Unauthenticated Arbitrary Post Deletion
The Kali Forms plugin for WordPress is vulnerable to Unauthenticated Arbitrary Post Deletion in versions up to, and including, 2.1.1. This is due to the kaliformsformdeleteuploadedfile function lacking any privilege or user protections. This makes it possible for unauthenticated attackers to dele...
CVE-2020-36712
Summary (concrete details from connected docs): CVE-2020-36712 affects the Kali Forms plugin for WordPress (versions up to 2.1.1). The root cause is the kaliforms_form_delete_uploaded_file function, which lacks any privilege or user protections, enabling unauthenticated attackers to delete any si...
CVE-2021-36712
creationtimestamp| type| source ---|---|--- 2023-02-03 20:20:59+00:00| seen| https://t.me/cibsecurity/57480 2025-03-26 16:25:24+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8890...
CVE-2021-36712
Cross Site Scripting XSS vulnerability in yzmcms 6.1 allows attackers to steal user cookies via image clipping function...
CVE-2021-36712
Summary: CVE-2021-36712 affectsyzmcms 6.1 with a Cross Site Scripting (XSS) flaw that can allow attackers to steal user cookies via the image clipping function. The entry shows a MEDIUM severity (CVSS v3.1: 5.4), attack vector NETWORK, low attack complexity, privilegeRequired LOW, userInteraction...
CVE-2021-36712
Cross Site Scripting XSS vulnerability in yzmcms 6.1 allows attackers to steal user cookies via image clipping function...
CVE-2022-36712
creationtimestamp| type| source ---|---|--- 2022-08-30 07:34:54+00:00| seen| https://t.me/cibsecurity/49022...
CVE-2022-36712
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /staff/studentdetails.php...
CVE-2022-36712
Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /staff/studentdetails.php...
CVE-2022-36712
CVE-2022-36712 pertains to Library Management System v1.0, where the vulnerability is a SQL injection via the id parameter in the endpoint /staff/studentdetails.php. The connected documents consistently describe the issue as an input-injection flaw that could affect data confidentiality, integrit...