WordPress Plugin Flexible Custom Post Type < 0.1.7 - Cross-Site Scripting

A cross-site scripting vulnerability in edit-post.php in the Flexible Custom Post Type plugin before 0.1.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via the id parameter. id: CVE-2011-5106 info: name: WordPress Plugin Flexible Custom Post Type 0.1.7 - Cross-Site...

CVE-2026-5106

creationtimestamp| type| source ---|---|--- 2026-03-30 08:30:55+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mibapop7tt2d...

CVE-2026-5106

A flaw has been found in code-projects Exam Form Submission 1.0. The impacted element is an unknown function of the file /admin/updatefst.php. Executing a manipulation of the argument sname can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

Linux Distros Unpatched Vulnerability : CVE-2013-5106

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Code Execution vulnerability exists in select.py when using python-mode 2012-12-19. CVE-2013-5106 Note that Nessus relies on the presence of the package as...

CVE-2025-5106

creationtimestamp| type| source ---|---|--- 2025-05-23 16:15:36+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lptzobiysv2w...

CVE-2025-5106

A vulnerability was found in Fujian Kelixun 1.0. It has been classified as critical. This affects an unknown part of the file /app/fax/faxview.php of the component Filename Handler. The manipulation of the argument faxfile leads to os command injection. It is possible to initiate the attack...

CVE-2025-5106 Fujian Kelixun Filename fax_view.php os command injection

A vulnerability was found in Fujian Kelixun 1.0. It has been classified as critical. This affects an unknown part of the file /app/fax/faxview.php of the component Filename Handler. The manipulation of the argument faxfile leads to os command injection. It is possible to initiate the attack...

CVE-2025-5106

The CVE-2025-5106 entry concerns Fujian Kelixun 1.0, specifically the Filename Handler component. Affected file: /app/fax/fax_view.php; the fax_file argument can be manipulated to trigger an OS command injection. Attack is described as remote, with public exploit disclosure and vendor non-respons...

CVE-2024-5106

A vulnerability classified as critical was found in Campcodes Complete Web-Based School Management System 1.0. This vulnerability affects unknown code of the file /view/studentpaymentdetails3.php. The manipulation of the argument index leads to sql injection. The attack can be initiated remotely...

CVE-2024-5106 Campcodes Complete Web-Based School Management System student_payment_details3.php sql injection

A vulnerability classified as critical was found in Campcodes Complete Web-Based School Management System 1.0. This vulnerability affects unknown code of the file /view/studentpaymentdetails3.php. The manipulation of the argument index leads to sql injection. The attack can be initiated remotely...

Malicious code in wlwz-2312-5106 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 840c20cf73dbfa5e26d4fa725d2de4330dabd94802c0d5a69d775bb30d92ad4c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

GitLab 13.12 < 16.2.8 / 16.3.0 < 16.3.5 / 16.4.0 < 16.4.1 (CVE-2023-5106)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to...

CVE-2023-5106

creationtimestamp| type| source ---|---|--- 2023-10-02 16:45:21+00:00| seen| https://t.me/cibsecurity/71405...

CVE-2023-5106

An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in CI pipelines through direct transfer group imports...

UBUNTU-CVE-2023-5106

An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in CI pipelines through direct transfer group imports...

CVE-2023-5106 Incorrect Authorization in GitLab

An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in CI pipelines through direct transfer group imports...

CVE-2023-5106 Incorrect Authorization in GitLab

An issue has been discovered in Ultimate-licensed GitLab EE affecting all versions starting 13.12 prior to 16.2.8, 16.3.0 prior to 16.3.5, and 16.4.0 prior to 16.4.1 that could allow an attacker to impersonate users in CI pipelines through direct transfer group imports...

CVE-2023-5106

CVE-2023-5106 affects Ultimate-licensed GitLab EE. Versions 13.12–before 16.2.8, 16.3.0–before 16.3.5, and 16.4.0–before 16.4.1 allow an attacker to impersonate users in CI pipelines via direct transfer group imports. The available documents do not specify a confirmed fixed version or patch detai...

SUSE CVE-2016-5106

The megasasdcmdsetproperties function in hw/scsi/megasas.c in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest administrators to cause a denial of service out-of-bounds write access via vectors involving a MegaRAID Firmware Interface MFI command...

SUSE CVE-2017-5106

Insufficient Policy Enforcement in Omnibox in Google Chrome prior to 60.0.3112.78 for Mac, Windows, Linux, and Android allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name...