16 matches found
CVE-2025-40651
creationtimestamp| type| source ---|---|--- 2025-05-28 15:22:24+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqaityazo3r2 2025-05-28 15:57:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lqaky4z4xy2q...
CVE-2025-40651
Reflected Cross-Site Scripting XSS vulnerability in Real Easy Store. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL using the keyword parameter in /index.php?a=search. This vulnerability can be exploited to steal...
CVE-2025-40651 Reflected Cross Site Scripting (XSS) in Real Easy Store
Reflected Cross-Site Scripting XSS vulnerability in Real Easy Store. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL using the keyword parameter in /index.php?a=search. This vulnerability can be exploited to steal...
CVE-2025-40651
Real Easy Store suffers a Reflected Cross-Site Scripting (XSS) via the keyword parameter in /index.php?a=search. An attacker can lure a victim to a crafted URL to execute JavaScript in the browser, potentially stealing session cookies or acting on behalf of the user. The CVSS data indicates a 5.1...
CVE-2024-40651
In TBD of TBD, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-40651
In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed...
CVE-2022-40651
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...
CVE-2024-40651
creationtimestamp| type| source ---|---|--- 2025-01-28 19:31:31+00:00| seen| https://infosec.exchange/users/cve/statuses/113907642483169674 2025-01-28 20:16:09+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lgtbik25oc2t 2025-01-28 22:48:58+00:00| seen|...
CVE-2024-40651
In TBD of TBD, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-40651
creationtimestamp| type| source ---|---|--- 2023-10-08 07:15:11+00:00| seen| https://t.me/cibsecurity/71786...
CVE-2023-40651
CVE-2023-40651 affects the urild service and is caused by a missing bounds check that allows an out-of-bounds write. The NVD entry notes a local denial-of-service impact with system-level execution privileges required and a CVSS v3.1 base score of 4.4 (Local, Low Attack Complexity, High Privilege...
CVE-2022-40651
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ansys SpaceClaim 2022 R1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsi...
CVE-2022-40651
Ansys SpaceClaim 2022 R1 is affected by a vulnerability in parsing of X_B files, caused by insufficient validation that allows a write past the end of an allocated data structure. This can enable remote code execution with user interaction (target must visit a malicious page or open a malicious f...
CVE-2021-40651
creationtimestamp| type| source ---|---|--- 2021-09-29 16:36:48+00:00| seen| https://t.me/cibsecurity/29635...
CVE-2021-40651
OS4Ed OpenSIS Community 8.0 is vulnerable to a local file inclusion vulnerability in Modules.php modname parameter, which can disclose arbitrary file from the server's filesystem as long as the application has access to the file...
OpenSIS 8.0 'modname' - Directory Traversal
Exploit Title: OpenSIS 8.0 'modname' - Directory/Path Traversal Date: 09-02-2021 Exploit Author: Eric Salario Vendor Homepage: http://www.os4ed.com/ Software Link: https://opensis.com/download Version: 8.0 Tested on: Windows, Linux CVE: CVE-2021-40651 The 'modname' parameter in the 'Modules.php' ...