CVE-2026-45055

creationtimestamp| type| source ---|---|--- 2026-05-13 23:50:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlrinfohog2k...

CVE-2025-45055

Silverpeas 6.4.2 contains a stored cross-site scripting XSS vulnerability in the event management module. An authenticated user can upload a malicious SVG file as an event attachment, which, when viewed by an administrator, executes embedded JavaScript in the admin's session. This allows attacker...

CVE-2025-45055

creationtimestamp| type| source ---|---|--- 2025-06-09 20:31:23+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17768...

CVE-2025-45055

Silverpeas 6.4.2 contains a stored cross-site scripting XSS vulnerability in the event management module. An authenticated user can upload a malicious SVG file as an event attachment, which, when viewed by an administrator, executes embedded JavaScript in the admin's session. This allows attacker...

CVE-2025-45055

Silverpeas 6.4.2 is affected in the Event Management module by a stored XSS flaw: an authenticated user can upload a malicious SVG as an event attachment, and when an administrator views it, embedded JavaScript can run in the admin session. This stems from insufficient sanitization of SVG files a...

Adobe InCopy 16.0.0 < 16.4.1 Multiple Vulnerabilities (APSB22-04)

The version of Adobe InCopy installed on the remote host is prior to 16.4.1. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB22-04 advisory. - Adobe InCopy version 16.4 and earlier is affected by an out-of-bounds write vulnerability that could result in arbitrary...

CVE-2023-45055

creationtimestamp| type| source ---|---|--- 2023-11-06 12:25:52+00:00| seen| https://t.me/cibsecurity/73587...

CVE-2023-45055

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in InspireUI MStore API allows SQL Injection.This issue affects MStore API: from n/a through 4.0.6...

CVE-2023-45055 WordPress MStore API Plugin <= 4.0.6 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in InspireUI MStore API allows SQL Injection.This issue affects MStore API: from n/a through 4.0.6...

CVE-2023-45055

CVE-2023-45055 is a SQL injection in WordPress/MStore API (InspireUI MStore API) plugin

WordPress MStore API Plugin <= 4.0.6 is vulnerable to SQL Injection

Software MStore API Type Plugin Vulnerable versions = 4.0.6 Fixed in 4.0.7 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-45055 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 62679b9fbc47 Credits Truoc Phan Required privilege Subscriber Published 3...

CVE-2021-45055

Adobe InCopy 16.4 and earlier are affected by an out-of-bounds read when parsing crafted files, potentially allowing code execution in the user’s context. Exploitation requires user interaction (victim must open a malicious file). The issue is addressed in Adobe InCopy 16.4.1 (APSB22-04). Other s...