
43 matches found

NVD
added 2024/05/28 1:15 p.m. | 12 views

CVE-2024-5413

A vulnerability has been discovered in PhpMyBackupPro affecting version 2.3 that could allow an attacker to execute XSS through /phpmybackuppro/scheduled.php, all parameters. This vulnerability could allow an attacker to create a specially crafted URL and send it to a victim to retrieve their...

CVSS 7.1 | AI score 7 | EPSS 0.00237
Exploits: 0 | References: 1

Cvelist
added 2024/05/28 12:21 p.m. | 14 views

CVE-2024-5413 Cross-Site Scripting (XSS) vulnerability on PhpMyBackupPro

A vulnerability has been discovered in PhpMyBackupPro affecting version 2.3 that could allow an attacker to execute XSS through /phpmybackuppro/scheduled.php, all parameters. This vulnerability could allow an attacker to create a specially crafted URL and send it to a victim to retrieve their...

CVSS 7.1 | AI score 7 | EPSS 0.00237
Exploits: 0 | References: 1

CVE
added 2024/05/28 12:21 p.m. | 31 views

CVE-2024-5413

CVE-2024-5413 concerns a cross-site scripting (XSS) vulnerability in PhpMyBackupPro version 2.3. The issue is disclosed as an XSS in the endpoint "/phpmybackuppro/scheduled.php" that processes multiple parameters, enabling an attacker to craft a URL that could reveal a victim’s session details. T...

CVSS 7.1 | AI score 7 | EPSS 0.00237
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2024/05/28 12:21 p.m. | 12 views

CVE-2024-5413 Cross-Site Scripting (XSS) vulnerability on PhpMyBackupPro

A vulnerability has been discovered in PhpMyBackupPro affecting version 2.3 that could allow an attacker to execute XSS through /phpmybackuppro/scheduled.php, all parameters. This vulnerability could allow an attacker to create a specially crafted URL and send it to a victim to retrieve their...

CVSS 7.1 | AI score 6.6 | EPSS 0.00237
Exploits: 0 | References: 1

Circl
added 2024/01/12 10:36 a.m. | 0 views

CVE-2023-5413

creationtimestamp | type | source
---|---|---
2024-01-12 10:36:49+00:00 | seen | https://t.me/ctinow/167184...

CVSS 6.4 | AI score 6.7 | EPSS 0.00096
Exploits: 0 | References: 1

NVD
added 2023/12/19 3:15 a.m. | 19 views

CVE-2023-5413

The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'ihrss-gallery' shortcode in versions up to, and including, 13.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVSS 6.4 | EPSS 0.00096
Exploits: 0 | References: 3

CVE
added 2023/12/19 3:09 a.m. | 47 views

CVE-2023-5413

CVE-2023-5413 concerns the WordPress plugin “Image horizontal reel scroll slideshow”. Affected versions are up to and including 13.3, where insufficient input sanitization and output escaping on user-supplied attributes in the ihrss-gallery shortcode enables stored cross-site scripting (XSS) by a...

CVSS 6.4 | AI score 5.2 | EPSS 0.00096
Exploits: 0 | References: 3 | Affected Software: 1

Patchstack
added 2023/12/19 12:00 a.m. | 13 views

WordPress Image horizontal reel scroll slideshow Plugin <= 13.3 is vulnerable to Cross Site Scripting (XSS)

Software: Image horizontal reel scroll slideshow
Type: Plugin
Vulnerable versions: <= 13.3
Fixed in: 13.4
OWASP Top 10: A7: Cross-Site Scripting (XSS)
Classification: Cross Site Scripting (XSS)
CVE: CVE-2023-5413
Patch priority: Low
CVSS severity: Low (6.5)
PSID: f4bff9d695d5
Credits...

CVSS 6.4 | AI score 5.8 | EPSS 0.00096
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2022/07/28 4:45 p.m. | 8 views

CVE-2016-5413

...

Exploits: 0

OpenVAS
added 2022/01/28 12:00 a.m. | 26 views

Mageia: Security Advisory (MGASA-2018-0018)

The remote host is missing an update for the... SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVSS 10 | AI score 8.7 | EPSS 0.29152
Exploits: 68 | References: 10

OpenVAS
added 2021/11/08 12:00 a.m. | 22 views

Mozilla Firefox Security Advisory (MFSA2017-05) - Linux

This host is missing a security update for Mozilla Firefox. Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; y...

CVSS 10 | AI score 7.8 | EPSS 0.29152
Exploits: 19 | References: 27

vulnersOsv
added 2020/08/05 2:53 p.m. | 1 view

cn.strongculture:prometheus-spring-boot-starter (=1.0.0), com.buession.springcloud.stream:buession-springcloud-stream-core (>=2.2.1 <=2.3.3) +105 more potentially affected by CVE-2020-5413 via org.springframework.integration:spring-integration-core (>=5.3.0.RELEASE <=5.3.1.RELEASE)

org.springframework.integration:spring-integration-core MAVEN version =5.3.0.RELEASE, =2.2.1, =2.2.1, =2.2.1, =2.2.1, =2.2.1, =2.2.1, =2.2.1, =2.2.1, =2.2.1, =2.2.1, =2.2.1, =2.2.1, =2.2.1, =2.3.3...

CVSS 9.8 | AI score 7.1 | EPSS 0.01768
Exploits: 0

vulnersOsv
added 2020/08/05 2:53 p.m. | 2 views

ai.hyacinth.framework:core-service-bus-support (=0.5.24), cc.cc4414:cc-spring-auth-server (=0.5.1) +406 more potentially affected by CVE-2020-5413 via org.springframework.integration:spring-integration-core (>=5.2.0.RELEASE <=5.2.7.RELEASE)

org.springframework.integration:spring-integration-core MAVEN version =5.2.0.RELEASE, =5.2.7.RELEASE is affected by a known vulnerability. The following packages have a transitive dependency on org.springframework.integration:spring-integration-core and may be impacted: -...

CVSS 9.8 | AI score 7.1 | EPSS 0.01768
Exploits: 0

vulnersOsv
added 2020/08/05 2:53 p.m. | 3 views

com.alipay.sofa:tracer-sofa-boot-starter (>=3.1.0 <=3.1.2), com.pleosoft:pleosoft-spring-boot-starter (=1.0.5-RELEASE) +40 more potentially affected by CVE-2020-5413 via org.springframework.integration:spring-integration-core (>=5.1.0.RELEASE <=5.1.11.RELEASE)

org.springframework.integration:spring-integration-core MAVEN version =5.1.0.RELEASE, =3.1.0, =0.2.0.RELEASE, =2.23.0, =2.23.0, =2.1.0.RELEASE, =5.1.0.RELEASE, =5.1.0.RELEASE, =5.1.0.RELEASE, =5.1.0.RELEASE, =5.1.0.RELEASE, =5.1.0.RELEASE, =5.1.11.RELEASE - org.springframework.integration:spring...

CVSS 9.8 | AI score 7.1 | EPSS 0.01768
Exploits: 0

CVE
added 2020/07/31 7:40 p.m. | 128 views

CVE-2020-5413

CVE-2020-5413 affects Spring Integration Kryo-based (de)serialization. When Kryo is configured with default options, unregistered classes can be resolved on demand, enabling deserialization gadgets to execute malicious code during data intake. The provided connected documents confirm the issue an...

CVSS 9.8 | AI score 9.4 | EPSS 0.01768
Exploits: 0 | References: 5 | Affected Software: 1

Cvelist
added 2020/07/31 7:40 p.m. | 15 views

CVE-2020-5413 Kryo Configuration Allows Code Execution with Unknown "Serialization Gadgets"

Spring Integration framework provides Kryo Codec implementations as an alternative for Java deserialization. When Kryo is configured with default options, all unregistered classes are resolved on demand. This leads to the "deserialization gadgets" exploit when provided data contains malicious cod...

AI score 9.5 | EPSS 0.01768
Exploits: 0 | References: 5

vulnersOsv
added 2019/03/25 6:03 p.m. | 3 views

013-carrousel-multipe (=1.0.0), 0303-lb3-paket (=1.0.1) +18318 more potentially affected by CVE-2019-5413 via morgan (>=1.0.0 <=1.9.0)

morgan NPM version =1.0.0, =1.1.0, =1.0.2, =1.0.1, =1.0.2 and more Source cves: CVE-2019-5413 Source advisory: OSV:GHSA-GWG9-RGVJ-4H5J...

CVSS 9.8 | AI score 7.2 | EPSS 0.0195
Exploits: 1

OSV
added 2019/03/21 4:01 p.m. | 14 views

CVE-2019-5413

An attacker can use the format parameter to inject arbitrary commands in the npm package morgan < 1.9.1...

CVSS 9.8 | AI score 6.8
Exploits: 0 | References: 3

CVE
added 2019/03/17 7:36 p.m. | 62 views

CVE-2019-5413

CVE-2019-5413 affects the Node.js middleware package morgan (

CVSS 9.8 | AI score 9.3 | EPSS 0.0195
Exploits: 1 | References: 3 | Affected Software: 1

OSV
added 2019/01/10 10:29 p.m. | 0 views

CVE-2018-5413

Imperva SecureSphere running v13.0, v12.0, or v11.5 allows low privileged users to add SSH login keys to the admin user, resulting in privilege escalation...

CVSS 8.8 | AI score 5.8
Exploits: 0 | References: 1