14 matches found
MAL-2025-37551 Malicious code in ugli-mike-kilo-yvlls (npm)
The package ugli-mike-kilo-yvlls was found to contain malicious code...
CVE-2024-37551
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Perials Simple Social Share allows Stored XSS.This issue affects Simple Social Share: from n/a through 3.0...
CVE-2021-37551
In JetBrains YouTrack before 2021.2.16363, system user passwords were hashed with SHA-256...
CVE-2024-37551
creationtimestamp| type| source ---|---|--- 2024-07-21 10:01:39+00:00| seen| https://t.me/cvedetector/1308...
CVE-2024-37551
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Perials Simple Social Share allows Stored XSS.This issue affects Simple Social Share: from n/a through 3.0...
CVE-2024-37551 WordPress Simple Social Share plugin <= 3.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Perials Simple Social Share allows Stored XSS.This issue affects Simple Social Share: from n/a through 3.0...
CVE-2024-37551 WordPress Simple Social Share plugin <= 3.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Perials Simple Social Share allows Stored XSS.This issue affects Simple Social Share: from n/a through 3.0...
WordPress Simple Social Share Plugin <=3.0 is vulnerable to Cross Site Scripting (XSS)
Software Simple Social Share Type Plugin Vulnerable versions =3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-37551 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 64e72c1e98e1 Credits Sharanabasappa Required privilege...
CVE-2023-37551
creationtimestamp| type| source ---|---|--- 2023-08-03 16:40:15+00:00| seen| https://t.me/cibsecurity/67673 2026-03-17 12:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01...
CVE-2023-37551
In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. In contrast to the regular file download via CmpFileTransfe...
CVE-2023-37551 CODESYS Files or Directories Accessible to External Parties in CmpApp
In multiple Codesys products in multiple versions, after successful authentication as a user, specially crafted network communication requests can utilize the CmpApp component to download files with any file extensions to the controller. In contrast to the regular file download via CmpFileTransfe...
CVE-2023-37551
The CVE-2023-37551 issue affects Codesys products where, after user authentication, crafted requests can use the CmpApp component to download files with arbitrary extensions to the controller, bypassing type filtering and potentially compromising the CODESYS Runtime integrity. The attack paths de...
CVE-2021-37551
creationtimestamp| type| source ---|---|--- 2021-08-06 18:32:37+00:00| seen| https://t.me/cibsecurity/26943...
CVE-2021-37551
CVE-2021-37551 affects JetBrains YouTrack prior to 2021.2.16363, where system user passwords were hashed with SHA-256. Public sources (CNVD/Red Hat/NVD) describe an encryption/hash issue that could allow password recovery from the hash. JetBrains’ Q2 2021 Security Bulletin confirms the issue and ...