891 matches found
CVE-2025-53533
CVE-2025-53533 affects Pi-hole Admin Interface ≤ 6.2.1. It is a reflected XSS in the 404 page caused by including the requested path in the body tag’s class attribute without proper sanitization, enabling an attacker to craft a link with an onload attribute that executes arbitrary JavaScript in a...
CVE-2025-53533 Pi-hole Admin Interface vulnerable to cross-site scripting via malformed URL path on 404 error page
Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level advertisement and internet tracker blocking application. Pi-hole Admin Interface versions 6.2.1 and earlier are vulnerable to reflected cross-site scripting XSS via a malformed URL path. The 404 error page includes t...
PT-2025-44019
Name of the Vulnerable Software and Affected Versions Pi-hole Admin Interface versions 6.2.1 and earlier Description The Pi-hole Admin Interface, a web interface for managing the Pi-hole network-level advertisement and internet tracker blocking application, is susceptible to reflected cross-site...
WordPress Custom 404 Pro plugin <= 3.12.0 - Authenticated (Administrator+) SQL Injection via `path` Parameter vulnerability
Authenticated Administrator+ SQL Injection via path Parameter vulnerability discovered by jamaal in WordPress Plugin Custom 404 Pro versions = 3.12.0...
CVE-2025-9947
The Custom 404 Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘path’ parameter in all versions up to, and including, 3.12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
EUVD-2025-33841
The Custom 404 Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘path’ parameter in all versions up to, and including, 3.12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
CVE-2025-9947
The Custom 404 Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘path’ parameter in all versions up to, and including, 3.12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
CVE-2025-9947 Custom 404 Pro <= 3.12.0 - Authenticated (Administrator+) SQL Injection via `path` Parameter
The Custom 404 Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘path’ parameter in all versions up to, and including, 3.12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
CVE-2025-9947 Custom 404 Pro <= 3.12.0 - Authenticated (Administrator+) SQL Injection via `path` Parameter
The Custom 404 Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ‘path’ parameter in all versions up to, and including, 3.12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...
CVE-2025-9947
CVE-2025-9947 affects the WordPress plugin Custom 404 Pro . All versions up to 3.12.0 are vulnerable to a time-based SQL Injection via the path parameter due to insufficient escaping and query preparation. An authenticated attacker with Administrator+ privileges can append SQL statements to exist...
WordPress plugin Custom 404 Pro SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A SQL injectio...
PT-2025-41682
Name of the Vulnerable Software and Affected Versions Custom 404 Pro plugin for WordPress versions prior to 3.13.0 Description The Custom 404 Pro plugin for WordPress is susceptible to time-based SQL Injection through the path parameter. This is due to inadequate input sanitization and insufficie...
EUVD-2002-2225
Malware in sbrugna...
EUVD-2021-21468
Malware in sbrugna...
EUVD-2005-3423
Malware in sbrugna...
EUVD-2008-2419
Malware in sbrugna...
EUVD-2019-2238
Malware in sbrugna...
EUVD-2019-6755
Malware in sbrugna...
EUVD-2018-0021
Malware in sbrugna...
EUVD-2019-0440
Malware in sbrugna...