MINI-3752-479V-P76W

Bulletin has no description...

RockyLinux 10 : osbuild-composer (RLSA-2026:3752)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:3752 advisory. crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate CVE-2025-61729 golang: archive/zip: Excessive CPU...

CVE-2026-3752 SourceCodester Employee Task Management System GET Parameter daily-task-report.php sql injection

A flaw has been found in SourceCodester Employee Task Management System up to 1.0. The affected element is an unknown function of the file /daily-task-report.php of the component GET Parameter Handler. This manipulation of the argument Date causes sql injection. It is possible to initiate the...

CVE-2026-3752

creationtimestamp| type| source ---|---|--- 2026-03-08 16:16:08+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-3752...

Oracle Linux 10 : osbuild-composer (ELSA-2026-3752)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3752 advisory. - Ensure build on latest golang: CVE-2024-34156 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory...

EUVD-2026-3752

Malicious code in worldposition npm...

SUSE: Security Advisory (SUSE-SU-2025:3752-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2007-3752

Malware in sbrugna...

RHSA-2024:3752

creationtimestamp| type| source ---|---|--- 2025-07-08 05:16:58+00:00| seen| Telegram/4wEYLxVUxQuNbJ-OS9FpooVY154mAqLMyyVIa9MwJNiDTA...

CVE-2011-3752

LimeSurvey 1.90+ build9642-20101214 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by admin/statistics.php and certain other files...

CVE-2025-3752

creationtimestamp| type| source ---|---|--- 2025-04-25 05:08:57+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/13377 2025-04-25 05:42:36+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnmiyyayffr2 2025-04-25 09:09:18+00:00| seen|...

CVE-2025-3752 Able Player, accessible HTML5 media player <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via preload Parameter

The Able Player, accessible HTML5 media player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘preload’ parameter in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

CVE-2025-3752 Able Player, accessible HTML5 media player <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via preload Parameter

The Able Player, accessible HTML5 media player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘preload’ parameter in all versions up to, and including, 1.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

openSUSE Security Advisory (SUSE-SU-2024:3752-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2024-3752 Crelly Slider <= 1.4.5 - Admin+ Stored XSS

The Crelly Slider WordPress plugin through 1.4.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

WordPress Crelly Slider Plugin <= 1.4.6 is vulnerable to Cross Site Scripting (XSS)

Software Crelly Slider Type Plugin Vulnerable versions = 1.4.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3752 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID de31bf5cf0cd Credits Bob Matyas Required privileg...

CVE-2023-3752

creationtimestamp| type| source ---|---|--- 2023-07-19 07:24:57+00:00| seen| https://t.me/cibsecurity/66985...

CVE-2023-3752

A vulnerability was found in Creativeitem Academy LMS 5.15. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /home/courses. The manipulation of the argument sortby leads to cross site scripting. The attack may be launched remotely. VDB-234422 is t...

CVE-2023-3752

CVE-2023-3752 describes a cross-site scripting vulnerability in Creativeitem Academy LMS 5.15. The issue arises from manipulating the sort_by parameter in the /home/courses functionality, enabling remote exploitation via the network. Affected component: the /home/courses logic within Creativeitem...

CVE-2023-3752 Creativeitem Academy LMS courses cross site scripting

A vulnerability was found in Creativeitem Academy LMS 5.15. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /home/courses. The manipulation of the argument sortby leads to cross site scripting. The attack may be launched remotely. VDB-234422 is t...