12 matches found
MAL-2025-36735 Malicious code in testli (npm)
The package testli was found to contain malicious code...
CVE-2020-36735
The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.3. This is due to missing or incorrect nonce validation on the handleleavecalendarfilter,...
CVE-2023-36735
Microsoft Edge Chromium-based Elevation of Privilege Vulnerability...
CVE-2023-36735 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
...
CVE-2023-36735
CVE-2023-36735 is a Microsoft Edge (Chromium-based) elevation of privilege vulnerability. The affected product is the Edge browser (Chromium-based). The CVSS metrics indicate a high-severity issue (9.6, CRITICAL) with a network attack vector, no privileges required, but user interaction needed, a...
CVE-2023-36735 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
...
Microsoft Edge (Chromium) < 117.0.2045.31 Multiple Vulnerabilities
The version of Microsoft Edge installed on the remote Windows host is prior to 117.0.2045.31. It is, therefore, affected by multiple vulnerabilities as referenced in the September 15, 2023 advisory. - Microsoft Edge Chromium-based Elevation of Privilege Vulnerability CVE-2023-36562, CVE-2023-3673...
CVE-2020-36735
The WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.3. This is due to missing or incorrect nonce validation on the handleleavecalendarfilter,...
CVE-2020-36735
The CVE-2020-36735 vulnerability affects the WP ERP plugin for WordPress (versions up to and including 1.6.3). The root cause is missing or incorrect nonce validation on the functions handle_leave_calendar_filter, add_enable_disable_option_save, leave_policies, process_bulk_action, and process_cr...
CVE-2022-36735
CVE-2022-36735 affects Library Management System v1.0. A SQL injection vulnerability exists in the /admin/delete.php endpoint via the bookId parameter, enabling attacker-controlled input to influence SQL queries. The CVSSv3.1 impact metrics indicate a CRITICAL severity (9.8) with network attack v...
CVE-2021-36735
This CVE entry is rejected/not used and does not represent an active vulnerability.
CVE-2021-36735
...