104 matches found
EUVD-2025-5003
Malicious code in bioql PyPI...
CVE-2025-5003
creationtimestamp | type | source
---|---|---
2025-05-20 22:40:40+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/17093...
CVE-2025-5003
A vulnerability has been found in projectworlds Online Time Table Generator 1.0 and classified as critical. This vulnerability affects unknown code of the file /semesterajax.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been...
CVE-2025-5003 projectworlds Online Time Table Generator semester_ajax.php sql injection
A vulnerability has been found in projectworlds Online Time Table Generator 1.0 and classified as critical. This vulnerability affects unknown code of the file /semesterajax.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been...
Linux Distros Unpatched Vulnerability : CVE-2016-5003
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Apache XML-RPC aka ws-xmlrpc library 3.1.3, as used in Apache Archiva, allows remote attackers to execute arbitrary code via a crafted serialized Java objec...
Adobe Creative Cloud < 4.5.5.342 Privilege Escalation (APSB18-20)
The version of Adobe Creative Cloud installed on the remote Windows host is prior to 4.5.5.342. It is, therefore, affected by a vulnerability as referenced in the APSB18-20 advisory. - Adobe Creative Cloud Desktop Application before 4.5.5.342 installer has an insecure library loading dll hijackin...
CVE-2024-5003 WP Stacker <= 1.8.5 - Stored XSS via CSRF
The WP Stacker WordPress plugin through 1.8.5 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
CVE-2024-5003
CVE-2024-5003 affects WP Stacker WordPress plugin
RHEL 5 : xmlrpc (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - xmlrpc: XML external entity vulnerability SSRF via a crafted DTD CVE-2016-5002 - xmlrpc: Deserialization ...
WordPress WP Stacker Plugin <= 1.8.5 is vulnerable to Cross Site Scripting (XSS)
Software: WP Stacker; Type: Plugin; Vulnerable versions: <= 1.8.5; Fixed in: N/A; OWASP Top 10: A1: Broken Access Control; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-5003; Patch priority: Low; CVSS severity: Low 7.1; PSID: 63e4d919bc93; Credits: Bob Matyas; Required privilege...
RHEL 6 / 7 : rh-java-common-xmlrpc (RHSA-2018:1784)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1784 advisory. Apache XML-RPC is a Java implementation of XML-RPC, a popular protocol that uses XML over HTTP to implement remote procedure calls. Security Fixe...
Malicious code in wlwz-2312-5003 (npm)
Source: ghsa-malware b7470ec0b5a5579469d69934e2e983af7eb6ec2cc212e353c1d5ae8fff2eb641 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-623 Malicious code in wlwz-2312-5003 (npm)
Source: ghsa-malware b7470ec0b5a5579469d69934e2e983af7eb6ec2cc212e353c1d5ae8fff2eb641 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
GLSA-202401-26 : Apache XML-RPC: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202401-26 Apache XML-RPC: Multiple Vulnerabilities - XML external entity XXE vulnerability in the Apache XML-RPC aka ws-xmlrpc library 3.1.3, as used in Apache Archiva, allows remote attackers to conduct server-side request forger...
CVE-2023-5003
creationtimestamp | type | source
---|---|---
2023-10-17 00:38:22+00:00 | seen | https://t.me/cibsecurity/72373...
WordPress Active Directory Integration / LDAP Integration Plugin < 4.1.10 is vulnerable to Sensitive Data Exposure
Software: Active Directory Integration / LDAP Integration; Type: Plugin; Vulnerable versions: < 4.1.10; Fixed in: 4.1.10; OWASP Top 10: A9: Security Logging and Monitoring Failures; Classification: Sensitive Data Exposure; CVE: CVE-2023-5003; Patch priority: Low; CVSS severity: Low 5.3; PSI...
CVE-2023-5003
The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so...
CVE-2023-5003 Active Directory Integration < 4.1.10 - Unauthenticated Log Disclosure
The Active Directory Integration / LDAP Integration WordPress plugin before 4.1.10 stores sensitive LDAP logs in a buffer file when an administrator wants to export said logs. Unfortunately, this log file is never removed, and remains accessible to any users knowing the URL to do so...
CVE-2023-5003
Summary: CVE-2023-5003 affects the Active Directory Integration / LDAP Integration WordPress plugin (pre-4.1.10). The issue centers on sensitive LDAP logs being stored in a buffer file created when an administrator exports logs; the buffer file is not removed and can be accessed by anyone who knows the ...