24 matches found
EUVD-2006-1228
Malware in sbrugna...
cc.zhaoac:faith-permission (=1.1.0), cc.zhaoac:faith-tool-boot (=1.1.0) +862 more potentially affected by CVE-2025-56769 via cn.hutool:hutool-extra (>=4.5.11 <=5.8.4)
cn.hutool:hutool-extra MAVEN version =4.5.11, =1.0.0, =1.0.0, =1.2.0 - cn.fscode.common:common-core-spring-boot-starter =0.0.1 - cn.fscode.common:common-data-mate-spring-boot-starter =0.0.1 - cn.fscode.common:common-dynamic-datasource-spring-boot-starter =0.0.1 and more Source cves: CVE-2025-5676...
CVE-2023-33309
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Awesome Motive Duplicator Pro plugin <= 4.5.11 versions...
1food-menu (>=0.0.1 <=0.2.3), 7qb-cli (=2.0.0) +2691 more potentially affected by CVE-2025-32395 via vite (>=0.14.4 <=4.5.11)
vite NPM version =0.14.4, =0.0.1, =1.0.0, =4.0.61, =4.0.61, =4.0.61, =4.0.61, =0.0.3, =1.0.1, =1.0.12, =0.0.4, =1.0.1, =1.0.7 and more Source cves: CVE-2025-32395 Source advisory: OSV:GHSA-356W-63V5-8WF4...
RHEL 8 / 9 : Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update (Moderate) (RHSA-2024:6765)
The remote Redhat Enterprise Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:6765 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT...
CVE-2023-33309
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Awesome Motive Duplicator Pro plugin <= 4.5.11 versions...
CVE-2023-33309 WordPress Duplicator Pro Plugin <= 4.5.11 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Awesome Motive Duplicator Pro plugin <= 4.5.11 versions...
WordPress plugin Duplicator Pro cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
WordPress Duplicator Pro Plugin <= 4.5.11 is vulnerable to Cross Site Scripting (XSS)
Software: Duplicator Pro; Type: Plugin; Vulnerable versions: <= 4.5.11; Fixed in: 4.5.11.1; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-33309; Patch priority: Medium; CVSS severity: Medium (7.1); PSID: d61102a3e8cc; Credits: Rafie Muhammad...
Ivory Search < 4.5.11 - Authenticated Reflected Cross-Site Scripting (XSS)
The settings page of Ivory Search 4.5.10 is vulnerable to reflected XSS when a logged-in administrator visits a malicious link or page, as it does not sanitise or escape the GET post parameter before outputting it in a tag attribute. As an admin user, open:...
UBUNTU-CVE-2013-2040
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.15, 4.5.x before 4.5.11, and 5.0.x before 5.0.6 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-2042
CVE-2013-2042 affects ownCloud, with XSS vulnerabilities in the bookmarks functionality. The description specifies that remote authenticated users could inject arbitrary web script or HTML via the url parameter to two endpoints: apps/bookmarks/ajax/addBookmark.php and apps/bookmarks/ajax/editBook...
CVE-2013-2040
Multiple cross-site scripting (XSS) vulnerabilities in ownCloud before 4.0.15, 4.5.x before 4.5.11, and 5.0.x before 5.0.6 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...
Server: Multiple SQL injection
ownCloud before 5.0.6 does not neutralize special elements that are passed to the SQL query in lib/db.php which therefore allows an authenticated attacker to execute arbitrary SQL commands. CVE-2013-2045 ownCloud before 5.0.6 and 4.5.11 does not neutralize special elements that are passed to the...
SOL4009 - Vulnerabilities in libpng - CAN-2004-0597, CAN-2004-0598, CAN-2004-0599
These vulnerabilities are described as methods under which an attacker could generate a PNG file that would cause applications that use libpng to execute arbitrary code. Since an attacker would require root access to the BIG-IP or 3-DNS in order to exploit this vulnerability, it is considered to ...
CVE-2007-0176
Cross-site scripting (XSS) vulnerability in search/advancedsearch.php in GForge 4.5.11 allows remote attackers to inject arbitrary web script or HTML via the words parameter...
CVE-2007-0176
Cross-site scripting (XSS) vulnerability in search/advancedsearch.php in GForge 4.5.11 allows remote attackers to inject arbitrary web script or HTML via the words parameter...
CVE-2007-0176
GForge contains a cross-site scripting (XSS) vulnerability in search/advanced_search.php (words parameter) affecting version 4.5.11 (and related builds). The flaw allows remote injection of arbitrary scripts/HTML in the context of a logged-in user. Debian DSAs note a fix in 4.5.14 (and related up...
GForge Cross Site Scripting vulnerability
GForge Cross Site Scripting vulnerability. Version: Tested on GForge 4.5.11. Discovered by: Jose Ramon Palanco: jose.palancoateazeldotes http://www.eazel.es. Description: GForge is vulnerable to a security vulnerability that allows Cross-Site Scripting attacks. Due to improper filtering, a remote...
Directory traversal
Directory traversal vulnerability in dwnld.php in GuppY 4.5.11 allows remote attackers to overwrite arbitrary files via a "%2E." mixed encoding in the pg parameter...