18 matches found
CVE-2026-43977
creationtimestamp| type| source ---|---|--- 2026-05-14 12:37:19+00:00| published-proof-of-concept| https://github.com/wger-project/wger/security/advisories/GHSA-cj9g-27ph-4cgv...
CVE-2025-43977
The com.skt.prod.dialer application through 12.5.0 for Android enables any installed application with no permissions to place phone calls without user interaction by sending a crafted intent via the com.skt.prod.dialer.activities.outgoingcall.OutgoingCallInternalBroadcaster component...
CVE-2025-43977
The com.skt.prod.dialer application through 12.5.0 for Android enables any installed application with no permissions to place phone calls without user interaction by sending a crafted intent via the com.skt.prod.dialer.activities.outgoingcall.OutgoingCallInternalBroadcaster component...
CVE-2025-43977
The com.skt.prod.dialer application through 12.5.0 for Android enables any installed application with no permissions to place phone calls without user interaction by sending a crafted intent via the com.skt.prod.dialer.activities.outgoingcall.OutgoingCallInternalBroadcaster component...
CVE-2025-43977
The CVE-2025-43977 issue affects the Android app com.skt.prod.dialer (versions through 12.5.0). Affected component is the OutgoingCallInternalBroadcaster, which can be triggered by any installed app without permissions to initiate phone calls, due to a crafted intent. This results in potential un...
CVE-2024-43977
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite the-plus-addons-for-elementor-page-builder allows Stored XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a...
CVE-2022-43977
An issue was discovered on GE Grid Solutions MS3000 devices before 3.7.6.25p03.2.2.17p04.7p0. The debug port accessible via TCP a qconn service lacks access control...
CVE-2024-43977
creationtimestamp| type| source ---|---|--- 2024-09-18 01:39:31+00:00| seen| https://t.me/cvedetector/5878...
CVE-2024-43977
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite the-plus-addons-for-elementor-page-builder allows Stored XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a...
CVE-2024-43977
The CVE-2024-43977 entry describes a Stored XSS in POSIMYTH The Plus Addons for Elementor Page Builder Lite (WordPress). Affected: The Plus Addons for Elementor Page Builder Lite versions n/a through 5.6.2. Cause: Improper neutralization of input during web page generation. Impact: Stored XSS vul...
CVE-2024-43977 WordPress The Plus Addons for Elementor plugin <= 5.6.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite the-plus-addons-for-elementor-page-builder allows Stored XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a...
WordPress The Plus Addons for Elementor Page Builder Lite Plugin <= 5.6.2 is vulnerable to Cross Site Scripting (XSS)
Software The Plus Addons for Elementor Page Builder Lite Type Plugin Vulnerable versions = 5.6.2 Fixed in 5.6.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43977 Patch priority Low CVSS severity Low 6.5 Developer POSIMYTH Innovations PSID 3c992f51ea8a Credits...
CVE-2022-43977
creationtimestamp| type| source ---|---|--- 2023-01-18 00:15:36+00:00| seen| https://t.me/cibsecurity/56630...
CVE-2022-43977
GE Grid Solutions MS3000 devices are affected (versions before 3.7.6.25p0_3.2.2.17p0_4.7p0). The issue is an access-control flaw in the qconn TCP debug port, allowing unauthenticated network access to the debug interface. The root cause is lack of access control on the debug port, per multiple so...
CVE-2021-43977
creationtimestamp| type| source ---|---|--- 2021-11-17 20:14:46+00:00| seen| https://t.me/cibsecurity/32536...
CVE-2021-43977
SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows XSS...
CVE-2021-43977
The CVE-2021-43977 entry concerns SmarterTools SmarterMail 16.x through 100.x, prior to 100.0.7803, with a Cross-Site Scripting (XSS) vulnerability. The root cause is insufficient validation/filtering of user-supplied data, enabling malicious script execution in the client browser. Affected compo...
CVE-2021-43977
SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows XSS...