891 matches found
MiracleLinux 3 : newt-0.52.2-13AXS3 (AXSA:2009-404:02)
The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-404:02 advisory. Newt is a programming library for color text mode, widget based user interfaces. Newt can be used to add stacked windows, entry widgets, checkboxes, radio...
CVE-2019-7915
A denial-of-service vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. Under certain conditions, an unauthenticated attacker could force the Magento store's full page cache to serve a 404 page to customers...
CVE-2025-62880
Cross-Site Request Forgery CSRF vulnerability in Kunal Custom 404 Pro custom-404-pro allows Cross Site Request Forgery.This issue affects Custom 404 Pro: from n/a through = 3.12.0...
CVE-2025-62880
Cross-Site Request Forgery CSRF vulnerability in Kunal Custom 404 Pro custom-404-pro allows Cross Site Request Forgery.This issue affects Custom 404 Pro: from n/a through = 3.12.0...
EUVD-2025-204706
Cross-Site Request Forgery CSRF vulnerability in Kunal Nagar Custom 404 Pro allows Cross Site Request Forgery.This issue affects Custom 404 Pro: from n/a through 3.12.0...
CVE-2025-62880 WordPress Custom 404 Pro plugin <= 3.12.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Kunal Custom 404 Pro custom-404-pro allows Cross Site Request Forgery.This issue affects Custom 404 Pro: from n/a through = 3.12.0...
CVE-2025-62880 WordPress Custom 404 Pro plugin <= 3.12.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Kunal Custom 404 Pro custom-404-pro allows Cross Site Request Forgery.This issue affects Custom 404 Pro: from n/a through = 3.12.0...
CVE-2025-62880
CVE-2025-62880 concerns a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Custom 404 Pro (versions up to and including 3.12.0). The CVE documents indicate the vulnerability affects Custom 404 Pro and can enable unauthorized actions on behalf of authenticated users due to C...
WordPress plugin Custom 404 Pro 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...
PT-2025-52640
Name of the Vulnerable Software and Affected Versions Custom 404 Pro versions through 3.12.0 Description A Cross-Site Request Forgery issue exists in Kunal Nagar Custom 404 Pro. This allows attackers to perform actions on behalf of authenticated users. The issue affects Custom 404 Pro WordPress...
CVE-2025-14477
The 404 Solution plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 3.1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This is due to improper sanitization of the filterText paramet...
Malicious code in elf-stats-sugarplum-star-404 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af58caae8c9aabd3fde2e959bd640de9a2ce156fef007eb07c76d62a6a25d1fd The package elf-stats-sugarplum-star-404 was found to contain malicious code...
MAL-2025-192173 Malicious code in elf-stats-sugarplum-star-404 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector af58caae8c9aabd3fde2e959bd640de9a2ce156fef007eb07c76d62a6a25d1fd The package elf-stats-sugarplum-star-404 was found to contain malicious code...
EUVD-2024-55061
Nagios XI versions prior to 2024R1.1 is vulnerable to a cross-site scripting XSS when a user visits the "missing page" 404 page after following a link from another website. The vulnerable component, page-missing.php, fails to properly validate or escape user-supplied input, allowing an attacker t...
CVE-2024-13992
Nagios XI versions prior to 2024R1.1 is vulnerable to a cross-site scripting XSS when a user visits the "missing page" 404 page after following a link from another website. The vulnerable component, page-missing.php, fails to properly validate or escape user-supplied input, allowing an attacker t...
CVE-2024-13992
Nagios XI versions prior to 2024R1.1 is vulnerable to a cross-site scripting XSS when a user visits the "missing page" 404 page after following a link from another website. The vulnerable component, page-missing.php, fails to properly validate or escape user-supplied input, allowing an attacker t...
CVE-2024-13992 Nagios XI < 2024R1.1 XSS via Missing Page / 404
Nagios XI versions prior to 2024R1.1 is vulnerable to a cross-site scripting XSS when a user visits the "missing page" 404 page after following a link from another website. The vulnerable component, page-missing.php, fails to properly validate or escape user-supplied input, allowing an attacker t...
CVE-2024-13992 Nagios XI < 2024R1.1 XSS via Missing Page / 404
Nagios XI versions prior to 2024R1.1 is vulnerable to a cross-site scripting XSS when a user visits the "missing page" 404 page after following a link from another website. The vulnerable component, page-missing.php, fails to properly validate or escape user-supplied input, allowing an attacker t...
CVE-2025-53533
Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level advertisement and internet tracker blocking application. Pi-hole Admin Interface versions 6.2.1 and earlier are vulnerable to reflected cross-site scripting XSS via a malformed URL path. The 404 error page includes t...
CVE-2025-53533
CVE-2025-53533 affects Pi-hole Admin Interface ≤ 6.2.1. It is a reflected XSS in the 404 page caused by including the requested path in the body tag’s class attribute without proper sanitization, enabling an attacker to craft a link with an onload attribute that executes arbitrary JavaScript in a...