CVE-2025-5224

creationtimestamp| type| source ---|---|--- 2025-05-27 03:36:08+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lq4r3kavux52...

CVE-2025-5224 Campcodes Online Hospital Management System add-doctor.php sql injection

A vulnerability classified as critical has been found in Campcodes Online Hospital Management System 1.0. Affected is an unknown function of the file /admin/add-doctor.php. The manipulation of the argument Doctorspecialization leads to sql injection. It is possible to launch the attack remotely...

CVE-2025-5224

CVE-2025-5224 affects Campcodes Online Hospital Management System 1.0. Affected is an unknown function in /admin/add-doctor.php where manipulating the Doctorspecialization parameter leads to a SQL injection. The vulnerability is exploitable remotely and the exploit has been disclosed publicly. Mu...

CVE-2010-5224

Untrusted search path vulnerability in Cool iPhone Ringtone Maker 2.2.3 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .mp3 file. NOTE: some of these details are obtained from third party...

CGA-G75P-PWM5-5224

Bulletin has no description...

CVE-2024-5224

The Easy Social Like Box – Popup – Sidebar Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cardozafacebooklikebox' shortcode in all versions up to, and including, 4.0 due to insufficient input sanitization and output escaping on user supplied attributes...

CVE-2024-5224 Easy Social Like Box – Popup – Sidebar Widget <= 4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Easy Social Like Box – Popup – Sidebar Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cardozafacebooklikebox' shortcode in all versions up to, and including, 4.0 due to insufficient input sanitization and output escaping on user supplied attributes...

CVE-2024-5224 Easy Social Like Box – Popup – Sidebar Widget <= 4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Easy Social Like Box – Popup – Sidebar Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'cardozafacebooklikebox' shortcode in all versions up to, and including, 4.0 due to insufficient input sanitization and output escaping on user supplied attributes...

WordPress Easy Social Like Box – Popup – Sidebar Widget Plugin <= 4.0 is vulnerable to Cross Site Scripting (XSS)

Software Easy Social Like Box – Popup – Sidebar Widget Type Plugin Vulnerable versions = 4.0 Fixed in 4.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5224 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 595d5823e3e8 Credit...

CVE-2019-5224

creationtimestamp| type| source ---|---|--- 2024-03-05 15:52:00+00:00| seen| https://t.me/ctinow/200373...

RHEL 9 : thunderbird (RHSA-2023:5224)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:5224 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.15.1. Security Fixes: libwebp...

Oracle Linux 9 : thunderbird (ELSA-2023-5224)

The remote Oracle Linux 9 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-5224 advisory. 102.15.1-1.0.1 - Update to 102.15.1 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has...

RHEL 8 : kernel-rt (RHSA-2022:5224)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:5224 advisory. The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirement...

Ubuntu 16.04 ESM : Ghostscript vulnerabilities (USN-5224-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5224-2 advisory. USN-5224-1 fixed several vulnerabilities in Ghostscript. This update provides the corresponding update for Ubuntu 16.04 ESM. Tenable has extracted the...

Ubuntu 18.04 LTS / 20.04 LTS : Ghostscript vulnerabilities (USN-5224-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5224-1 advisory. It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a...

CVE-2021-40178

Zoho ManageEngine Log360 before Build 5224 allows stored XSS via the LOGOPATH key value in the logon settings...

CVE-2021-40178

Zoho ManageEngine Log360 before Build 5224 allows stored XSS via the LOGOPATH key value in the logon settings...

Cross site scripting

Zoho ManageEngine Log360 before Build 5224 allows stored XSS via the LOGOPATH key value in the logon settings...

CVE-2019-5224

CVE-2019-5224 affects Huawei P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.193 (C00E190R1P21). The issue is an out-of-bounds read caused by improper validation of a length parameter transported from an application to the kernel, enabling information disclosure. Exploitation requires...

CVE-2019-5224

P30 smartphones with versions earlier than ELLE-AL00B 9.1.0.193C00E190R1P21 have an out of bounds read vulnerability. The system does not properly validate certain length parameter which an application transports to kernel. An attacker tricks the user to install a malicious application, successfu...