29 matches found
CVE-2026-5293
The 診断ジェネレータ作成プラグイン Diagnosis Generator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'js' parameter in versions up to and including 1.4.16. This is due to missing authorization checks and insufficient input sanitization in the themeFunc function. The function is hooke...
CVE-2020-5293
In PrestaShop between versions 1.7.0.0 and 1.7.6.5, there are improper access controls on product page with combinations, attachments and specific prices. The problem is fixed in 1.7.6.5...
CVE-2010-5293
wp-includes/comment.php in WordPress before 3.0.2 does not properly whitelist trackbacks and pingbacks in the blogroll, which allows remote attackers to bypass intended spam restrictions via a crafted URL, as demonstrated by a URL that triggers a substring match...
Linux Distros Unpatched Vulnerability : CVE-2015-5293
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Red Hat Enterprise Virtualization Manager 3.6 and earlier gives valid SLAAC IPv6 addresses to interfaces when boot protocol is set to None, which might allow...
CVE-2024-5293 D-Link DIR-2640 HTTP Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability
D-Link DIR-2640 HTTP Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-2640-US routers. Authentication is not required to exploit this vulnerability. The...
CVE-2019-5293
creationtimestamp | type | source
---|---|---
2024-02-14 08:51:16+00:00 | seen | https://t.me/ctinow/184472...
Ubuntu 16.04 ESM : c3p0 vulnerability (USN-5293-2)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-5293-2 advisory. USN-5293-1 fixed a vulnerability in c3p0. This update provides the corresponding update for Ubuntu 16.04 ESM. Tenable has extracted the preceding description bloc...
CVE-2023-5293 ECshop leancloud.php sql injection
A vulnerability, which was classified as critical, was found in ECshop 4.1.5. Affected is an unknown function of the file /admin/leancloud.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public an...
CVE-2023-5293
ECshop 4.1.5 is affected by a SQL injection in /admin/leancloud.php triggered by manipulating the id parameter. The vulnerability enables remote exploitation and has been publicly disclosed (CVE-2023-5293). Exploitation details across sources consistently point to an injection in an unknown funct...
CVE-2013-5293
creationtimestamp | type | source
---|---|---
2023-09-14 22:30:47+00:00 | seen | https://t.me/cibsecurity/70482...
PrestaShop 1.7.0.0 < 1.7.6.5 Multiple Vulnerabilities
PrestaShop is prone to multiple vulnerabilities.
CVE-2020-5293
PrestaShop CVE-2020-5293 involves improper access controls on the product page (combinations, attachments, and specific prices) affecting versions 1.7.0.0 through 1.7.6.5. The vulnerability is fixed in 1.7.6.5. The Red Hat and other CVE mirrors reiterate this issue. Practical impact as stated: at...
CVE-2019-5293
Some Huawei products have a memory leak vulnerability when handling some messages. A remote attacker with operation privilege could exploit the vulnerability by sending specific messages continuously. Successful exploit may cause some service to be abnormal...
CVE-2016-5293
When the Mozilla Updater is run, if the Updater's log file in the working directory points to a hardlink, data can be appended to an arbitrary local file. This vulnerability requires local system access. Note: this issue only affects Windows operating systems. This vulnerability affects Firefox E...
CVE-2016-5293
CVE-2016-5293 describes a local vulnerability in the Mozilla Updater on Windows: when the Updater log file in the working directory points to a hardlink, an attacker with local access can cause data to be appended to an arbitrary local file. Affected products include Firefox ESR older than 45.5 a...
CVE-2018-5293
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-tools page...
CVE-2018-5293
The CVE-2018-5293 entry concerns the WordPress GD Rating System plugin, version 2.3. It describes a Cross-Site Scripting (XSS) vulnerability exposed via the wp-admin/admin.php parameter on the gd-rating-system-tools page. This is a client-facing issue in the WordPress plugin code path that handle...
Mozilla Firefox < 50.0 Multiple Vulnerabilities
The version of Mozilla Firefox installed on the remote Windows host is prior to 50.0. It is, therefore, affected by multiple vulnerabilities, the majority of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these vulnerabilities by convincing a user...
CVE-2011-5293
The CVE-2011-5293 entry concerns ThreeDify Designer 5.0.2. The cmdSave method of the ThreeDifyDesigner.1 ActiveX control in ActiveSolid.dll allows remote attackers to write to arbitrary files via a pathname argument. Affected product: ThreeDify Designer 5.0.2 (ActiveX control). Vulnerability type...