41 matches found
CVE-2026-5328 shsuishang modulithshop ProductItemDao ProductIndexServiceImpl.java listItem sql injection
A weakness has been identified in shsuishang modulithshop up to 829bac71f507e84684c782b9b062b8bf3b5585d6. The impacted element is the function listItem of the file src/main/java/com/suisung/shopsuite/pt/service/impl/ProductIndexServiceImpl.java of the component ProductItemDao Interface. Executing...
CVE-2025-5328
A vulnerability was found in chshcms mccms 2.7. It has been declared as critical. This vulnerability affects the function restore_del of the file /sys/apps/controllers/admin/Backups.php. The manipulation of the argument dirs leads to path traversal. The attack can be initiated remotely. The exploi...
CVE-2025-5328 chshcms mccms Backups.php restore_del path traversal
A vulnerability was found in chshcms mccms 2.7. It has been declared as critical. This vulnerability affects the function restore_del of the file /sys/apps/controllers/admin/Backups.php. The manipulation of the argument dirs leads to path traversal. The attack can be initiated remotely. The exploi...
CVE-2025-5328
creationtimestamp| type| source
---|---|---
2025-05-29 20:47:56+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/38583
2025-05-29 22:06:07+00:00| seen| https://bsky.app/profile/FunctionalProgramming.activitypub.awakari.com.ap.brid.gy/post/3lqdq2ggk7x52
2025-05-30 00:20:34+00:00| seen...
CVE-2012-5328
Multiple SQL injection vulnerabilities in the Mingle Forum plugin 1.0.32.1 and other versions before 1.0.33 for WordPress might allow remote authenticated users to execute arbitrary SQL commands via the (1) memberid or (2) groupid parameters in a removemember action or (3) id parameter to...
CVE-2013-5328
Adobe ColdFusion 10 before Update 12 allows remote attackers to read arbitrary files via unspecified vectors...
CVE-2024-5328
A Server-Side Request Forgery (SSRF) vulnerability exists in the lunary-ai/lunary application, specifically within the endpoint '/auth/saml/tto/download-idp-xml'. The vulnerability arises due to the application's failure to validate user-supplied URLs before using them in server-side requests. An...
RHEL 9 : firefox (RHSA-2024:5328)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:5328 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: Firefox:...
CVE-2024-5328
CVE-2024-5328 affects lunary-ai/lunary. The issue is an SSRF in the /auth/saml/tto/download-idp-xml endpoint where user-supplied URLs are not validated before being used in server-side requests. Consequences described include disclosure of sensitive information, potential service disruption, and t...
CGA-5328-2W4X-XRGM
Bulletin has no description...
CVE-2023-5328
CVE-2023-5328 affects SATO CL4NX-J Plus 1.13.2-u455_r2, involving the Cookie Handler. The vulnerability arises from manipulating the input auth=user,level1,settings; web=true to trigger improper authentication. Local network access is required for the attack, and the exploit has been publicly dis...
Debian DSA-5328-1 : chromium - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5328 advisory. Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. For the...
CVE-2015-5328
...
Ubuntu 16.04 ESM : OpenSSL vulnerability (USN-5328-2)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-5328-2 advisory. USN-5328-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has extracted the...
CVE-2019-5328
...
CVE-2019-5328
CVE-2019-5328 entry is rejected/not used as stated in the description.
CVE-2011-5328
creationtimestamp| type| source
---|---|---
2019-08-20 18:33:50+00:00| seen| https://t.me/cibsecurity/6234...
CVE-2011-5328
CVE-2011-5328: WordPress User Access Manager plugin before 1.2 suffers CSRF. Affected component: user-access-manager plugin (WordPress). Root cause: requests can be forged cross-site. Impact stated as CSRF; exploitation status not provided in the documents. Remediation: upgrade to version 1.2 or ...
CVE-2011-5328
The user-access-manager plugin before 1.2 for WordPress has CSRF...
Design/Logic Flaw
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Email. Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...