
79 matches found

RedhatCVE
added 2026/04/02 5:4 a.m. | 2 views

CVE-2026-5237

A security flaw has been discovered in itsourcecode Payroll Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /manageuser.php of the component Parameter Handler. Performing a manipulation of the argument ID results in SQL injection. The attack is possib...

CVSS 7.5 | AI score 6.8 | EPSS 0.00043
Exploits: 0 | References: 1

Circl
added 2026/04/01 1:15 a.m. | 0 views

CVE-2026-5237

| creationtimestamp | type | source |
|---|---|---|
| 2026-04-01 01:15:30+00:00 | published-proof-of-concept | Telegram/I7gM78d3mp9wugorspZkHmlDKuo-8DymFEq-4a44ip7mrow |
| 2026-04-01 02:53:53+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mifosvbro624... |

CVSS 7.5 | AI score 7.3 | EPSS 0.00043
Exploits: 0 | References: 1

IBM Security Bulletins
added 2026/03/02 2:33 p.m. | 17 views

Security Bulletin: Common Vulnerabilities found in Cloudera Data Platform Private Cloud base with IBM

Summary: Common Vulnerabilities found in Cloudera Data Platform Private Cloud base with IBM v7.1.9. Upgrade to the latest service pack and hotfix to ensure fixes to the addressed vulnerabilities are obtained. Vulnerability Details: CVEID: CVE-2020-9493. DESCRIPTION: A deserialization flaw was found i...

CVSS 9.8 | AI score 7 | EPSS 0.94428
Exploits: 106 | Affected Software: 1

Cvelist
added 2025/06/18 9:21 a.m. | 5 views

CVE-2025-5237 Target Video Easy Publish <= 3.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via width Parameter

The Target Video Easy Publish plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘width’ parameter in all versions up to, and including, 3.8.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

CVSS 6.4 | EPSS 0.00203
Exploits: 0 | References: 4

CVE
added 2025/06/18 9:21 a.m. | 15 views

CVE-2025-5237

CVE-2025-5237 (Target Video Easy Publish, WordPress) is a stored XSS vulnerability. The issue affects Target Video Easy Publish plugin versions up to 3.8.5, where the width parameter is not properly sanitized/escaped. An attacker with Contributor-level access or higher can inject scripts that exe...

CVSS 6.4 | AI score 5.7 | EPSS 0.00203
Exploits: 0 | References: 4

Patchstack
added 2025/06/18 8:2 a.m. | 5 views

WordPress Target Video Easy Publish plugin <= 3.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via width Parameter vulnerability

Authenticated (Contributor+) Stored Cross-Site Scripting via width Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Target Video Easy Publish versions <= 3.8.5...

CVSS 6.4 | AI score 5.5 | EPSS 0.00203
Exploits: 0 | References: 1 | Affected Software: 1

OSV
added 2025/05/29 1:10 a.m. | 1 views

MINI-WPXW-5237-HP65

Bulletin has no description...

CVSS 7.5 | AI score 8.9 | EPSS 0.00953
Exploits: 1

Tenable Nessus
added 2025/03/04 12:0 a.m. | 6 views

Linux Distros Unpatched Vulnerability : CVE-2015-5237

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - protobuf allows remote authenticated attackers to cause a heap-based buffer overflow. CVE-2015-5237 Note that Nessus relies on the presence of the package as...

CVSS 8.8 | AI score 7 | EPSS 0.00763
Exploits: 0 | References: 4

RedhatCVE
added 2025/02/05 3:42 p.m. | 8 views

CVE-2020-5237

Multiple relative path traversal vulnerabilities in the oneup/uploader-bundle before 1.9.3 and 2.1.5 allow remote attackers to upload, copy, and modify files on the filesystem (potentially leading to arbitrary code execution) via the (1) filename parameter to BlueimpController.php; the (2) dzchunkindex...

CVSS 8.8 | AI score 7.5 | EPSS 0.05244
Exploits: 1

CVE
added 2024/05/23 5:31 a.m. | 72 views

CVE-2024-5237

CVE-2024-5237 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability is a SQL injection in /view/timetable_grade_wise.php driven by an unsafely manipulated grade parameter. Root cause: improper handling of user input enables attacker-controlled SQL execution remotely; c...

CVSS 6.5 | AI score 6.8 | EPSS 0.00157
Exploits: 1 | References: 4 | Affected Software: 1

NVD
added 2023/10/31 2:15 p.m. | 6 views

CVE-2023-5237

The Memberlite Shortcodes WordPress plugin before 1.3.9 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

CVSS 5.4 | AI score 5.3 | EPSS 0.0049
Exploits: 2 | References: 2

OSV
added 2023/10/31 2:15 p.m. | 0 views

CVE-2023-5237

The Memberlite Shortcodes WordPress plugin before 1.3.9 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

CVSS 5.4 | AI score 5.8 | EPSS 0.0049
Exploits: 2 | References: 2

CVE
added 2023/10/31 1:54 p.m. | 48 views

CVE-2023-5237

The CVE covers the WordPress plugin Memberlite Shortcodes (pre-1.3.9). Root cause: the plugin does not validate or escape some shortcode attributes before output, enabling Stored XSS. Impact: could be used by a low-privilege user (as low as contributor) to target higher-privilege users (e.g., adm...

CVSS 5.4 | AI score 5.3 | EPSS 0.0049
Exploits: 2 | References: 2 | Affected Software: 1

Cvelist
added 2023/10/31 1:54 p.m. | 13 views

CVE-2023-5237 Memberlite Shortcodes < 1.3.9 - Contributor+ Stored XSS via Shortcode

The Memberlite Shortcodes WordPress plugin before 1.3.9 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

AI score 5.5 | EPSS 0.0049
Exploits: 2 | References: 2

Vulnrichment
added 2023/10/31 1:54 p.m. | 4 views

CVE-2023-5237 Memberlite Shortcodes < 1.3.9 - Contributor+ Stored XSS via Shortcode

The Memberlite Shortcodes WordPress plugin before 1.3.9 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

AI score 6.1 | EPSS 0.0049
Exploits: 2 | References: 2

Patchstack
added 2023/10/31 12:0 a.m. | 6 views

WordPress Memberlite Shortcodes Plugin < 1.3.9 is vulnerable to Cross Site Scripting (XSS)

Software: Memberlite Shortcodes; Type: Plugin; Vulnerable versions: < 1.3.9; Fixed in: 1.3.9; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-5237; Patch priority: Low; CVSS severity: Low (6.5); PSID: ce33c2810ef4; Credits: Dmitrii Ignatyev...

CVSS 5.4 | AI score 5.8 | EPSS 0.0049
Exploits: 2 | References: 4 | Affected Software: 1

Tenable Nessus
added 2023/10/16 12:0 a.m. | 22 views

Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM : MediaInfoLib vulnerabilities (USN-5237-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5237-1 advisory. It was discovered that MediaInfoLib incorrectly handled certain specially crafted files. An attacker could possibly use this issu...

CVSS 7.8 | AI score 6.7 | EPSS 0.00663
Exploits: 2 | References: 3

Circl
added 2023/09/14 10:24 p.m. | 0 views

CVE-2013-5237

| creationtimestamp | type | source |
|---|---|---|
| 2023-09-14 22:24:44+00:00 | seen | https://t.me/cibsecurity/70462... |

AI score 4.8
Exploits: 0 | References: 1

Wolfi
added 2023/04/04 9:12 p.m. | 8 views

GHSA-33PG-M6JH-5237 vulnerabilities

Vulnerabilities for packages: up, melange, bom, ko, apko, helm, ctop...

AI score 5.4
Exploits: 0

SUSE CVE
added 2023/02/15 6:10 a.m. | 2 views

SUSE CVE-2007-5237

Java Web Start in Sun JDK and JRE 6 Update 2 and earlier does not properly enforce access restrictions for untrusted applications, which allows user-assisted remote attackers to read and modify local files via an untrusted application, aka "two vulnerabilities."...

CVSS 7.1 | AI score 6.6 | EPSS 0.01066
Exploits: 0 | References: 4