130 matches found
CVE-2025-5506
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been classified as problematic. Affected is an unknown function of the component NAT Mapping Page. The manipulation of the argument Comment leads to cross site scripting. It is possible to launch the attack remotely. The...
CVE-2025-5506
The CVE-2025-5506 entry affects TOTOLINK A3002RU (firmware 2.1.1-B20230720.1011) in the NAT Mapping Page component. The vulnerability stems from manipulation of the Comment parameter, enabling cross-site scripting (XSS). It is exploitable remotely and reportedly had an exploit disclosed publicly....
CVE-2025-5506 TOTOLINK A3002RU NAT Mapping Page cross site scripting
A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been classified as problematic. Affected is an unknown function of the component NAT Mapping Page. The manipulation of the argument Comment leads to cross site scripting. It is possible to launch the attack remotely. The...
CVE-2023-5506
The ImageMapper plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'imgmap_delete_area_ajax' function in versions up to, and including, 1.2.6. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to...
CVE-2013-5506
The authorization functionality in Cisco Firewall Services Module FWSM 3.1.x and 3.2.x before 3.225 and 4.x before 4.113, when multiple-context mode is enabled, allows local users to read or modify any context's configuration via unspecified commands, aka Bug ID CSCue46080...
CVE-2019-5506
Clustered Data ONTAP versions 9.0 and higher do not enforce hostname verification under certain circumstances making them susceptible to impersonation via man-in-the-middle attacks...
Linux Distros Unpatched Vulnerability : CVE-2017-5506
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Double free vulnerability in magick/profile.c in ImageMagick allows remote attackers to have unspecified impact via a crafted file. CVE-2017-5506 Note that Ness...
Malicious code in wlwz-2312-5506 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fedc362842fd2079aba817df12f5ef597e2b0e012b9b318719fc8d9ced904729 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-671 Malicious code in wlwz-2312-5506 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fedc362842fd2079aba817df12f5ef597e2b0e012b9b318719fc8d9ced904729 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-5506
creationtimestamp | type | source
---|---|---
2024-01-04 11:51:57+00:00 | seen | https://t.me/arpsyndicate/2451...
CVE-2023-5506
The ImageMapper plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'imgmap_delete_area_ajax' function in versions up to, and including, 1.2.6. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to...
CVE-2023-5506
CVE-2023-5506 concerns the WordPress ImageMapper plugin. Affected versions are
CVE-2023-5506 ImageMapper <= 1.2.6 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Page/Post Deletion via imgmap_delete_area_ajax
The ImageMapper plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'imgmap_delete_area_ajax' function in versions up to, and including, 1.2.6. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to...
K65355492: Apache vulnerability CVE-2018-5506
Security Advisory Description Apache modules apacheauthtokenmod and modauthf5authtoken.cpp allow possible unauthenticated bruteforce on the emserverip authorization parameter to obtain which SSL client certificates used for mutual authentication between BIG-IQ or Enterprise Manager EM and managed...
Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS : NSS vulnerabilities (USN-5506-1)
The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5506-1 advisory. Tavis Ormandy discovered that NSS incorrectly handled an empty pkcs7 sequence. A remote attacker could possibly use this issue to...
CVE-2019-5506
Clustered Data ONTAP versions 9.0 and higher do not enforce hostname verification under certain circumstances making them susceptible to impersonation via man-in-the-middle attacks...
CVE-2019-5506
NetApp Clustered Data ONTAP (version 9.0+ as described) is affected by a hostname verification issue that can enable impersonation via man‑in‑the‑middle attacks under certain circumstances. The vulnerability arises from not enforcing hostname verification, per the CVE description. Exploitation de...
F5 Networks BIG-IP : Apache vulnerability (K65355492)
Apache modules apacheauthtokenmod and modauthf5authtoken.cpp allow possible unauthenticated bruteforce on the emserverip authorization parameter to obtain which SSL client certificates used for mutual authentication between BIG-IQ or Enterprise Manager EM and managed BIG-IP devices. CVE-2018-5506...