64 matches found
WordPress HTML5 Video Player < 2.5.27 - SQL Injection
The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks
id: CVE-2024-5522
info:
  name: WordPress HTML5 Video Player 2.5.27 - SQL Injection...
EUVD-2026-5522
Azure Arc Elevation of Privilege Vulnerability...
CVE-2025-5522 jack0240 魏 bskms 蓝天幼儿园管理系统 User Creation addUser improper authorization
A vulnerability was found in jack0240 魏 bskms 蓝天幼儿园管理系统 up to dffe6640b5b54d8e29da6f060e0493fea74b3fad. It has been rated as critical. Affected by this issue is some unknown functionality of the file /sa/addUser of the component User Creation Handler. The manipulation leads to improper...
CVE-2025-5522
CVE-2025-5522 affects jack0240’s bskms (Blue Sky Kindergarten Management System). Concrete details: the vulnerability resides in the /sa/addUser function of the User Creation Handler, with root cause described as improper authorization. This could allow a remote attacker to manipulate the system ...
CVE-2023-5522
Mattermost Mobile fails to limit the maximum number of Markdown elements in a post allowing an attacker to send a post with hundreds of emojis to a channel and freeze the mobile app of users when viewing that particular channel...
CVE-2013-5522
Cisco IOS on Catalyst 3750X switches has default Service Module credentials, which makes it easier for local users to gain privileges via a Service Module login, aka Bug ID CSCue92286...
CGA-MG92-5522-9F5X
Bulletin has no description...
Linux Distros Unpatched Vulnerability : CVE-2015-5522
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap-based buffer overflow in the ParseValue function in lexer.c in tidy before 4.9.31 allows remote attackers to cause a denial of service (crash) via vectors...
Exploit for SQL Injection in Bplugins Html5_Video_Player
CVE-2024-5522-PoC : HTML5 Video Player 2.5.27 - Unauthentica...
RHEL 8 : kpatch-patch-4_18_0-553 (RHSA-2024:5522)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:5522 advisory. This is a kernel live patch module which can be loaded by the kpatch command line utility to modify the code of a running kernel. This patch...
CVE-2024-5522
The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks...
CVE-2024-5522 HTML5 Video Player < 2.5.27 - Unauthenticated SQLi
The HTML5 Video Player WordPress plugin before 2.5.27 does not sanitize and escape a parameter from a REST route before using it in a SQL statement, allowing unauthenticated users to perform SQL injection attacks...
CVE-2024-5522
creationtimestamp| type| source
---|---|---
2024-05-31 06:58:31+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/7474
2024-06-03 12:18:35+00:00| seen| https://t.me/apsecurity/566
2024-07-09 08:12:20+00:00| exploited| https://t.me/CNArsenal/2768
2024-07-09 15:18:16+00:00|...
Exploit for SQL Injection in Bplugins Html5_Video_Player
CVE-2024-5522-Poc CVE-2024-5522 HTML5 Video Player = 2.5.2...
WordPress Flash & HTML5 Video Plugin < 2.5.27 is vulnerable to SQL Injection
Software: Flash & HTML5 Video
Type: Plugin
Vulnerable versions: 2.5.27
Fixed in: 2.5.27
OWASP Top 10: A1: Injection
Classification: SQL Injection
CVE: CVE-2024-5522
Patch priority: High
CVSS severity: High (9.3)
PSID: a6949d7fc215
Credits: Mayank Deshmukh
Required privilege...
CVE-2023-5522
creationtimestamp| type| source
---|---|---
2023-10-17 14:32:55+00:00| seen| https://t.me/cibsecurity/72414...
CVE-2023-5522 Mobile app freezes when receiving a post with hundreds of emojis
Mattermost Mobile fails to limit the maximum number of Markdown elements in a post allowing an attacker to send a post with hundreds of emojis to a channel and freeze the mobile app of users when viewing that particular channel...
CVE-2023-5522
Mattermost Mobile is affected by CVE-2023-5522, where the app fails to limit the maximum number of Markdown elements in a post. This allows an attacker to send a post containing hundreds of emojis to a channel, freezing the mobile app for users viewing that channel. Root cause: excessive Markdown...
Debian: Security Advisory (DLA-273-1)
The remote host is missing an update for the Debian...