50 matches found
MINI-W835-5565-QHVF
Bulletin has no description...
CVE-2026-5565
creationtimestamp | type | source
---|---|---
2026-04-05 15:16:27+00:00 | published-proof-of-concept | Telegram/bba5KoRxZjw4aUqHfMWZuI7ux2762ZWKOY2q9V8MiGPKQ0
2026-04-05 15:26:35+00:00 | seen | https://bsky.app/profile/postac001.bsky.social/post/3mir2qih75y2y
2026-04-05 16:13:08+00:00 | seen |...
CVE-2026-5565
A security vulnerability has been detected in code-projects Simple Laundry System 1.0. Affected by this issue is some unknown functionality of the file /delmemberinfo.php of the component Parameter Handler. Such manipulation of the argument userid leads to sql injection. The attack may be launche...
CVE-2026-5565 code-projects Simple Laundry System Parameter delmemberinfo.php sql injection
A security vulnerability has been detected in code-projects Simple Laundry System 1.0. Affected by this issue is some unknown functionality of the file /delmemberinfo.php of the component Parameter Handler. Such manipulation of the argument userid leads to sql injection. The attack may be launche...
CVE-2026-5565
CVE-2026-5565 affects code-projects Simple Laundry System 1.0. The vulnerability is in the Parameter Handler’s /delmemberinfo.php, where manipulating the userid parameter leads to SQL injection. It can be exploited remotely, and the exploit has been publicly disclosed. The connected sources confi...
CVE-2025-5565 Hide It <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Hide It plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'hideit' shortcode in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
WordPress Hide It plugin <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability discovered by muhammad yudha in WordPress Plugin Hide It versions <= 1.0.1...
CVE-2023-5565
The Shortcode Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'shortmenu' shortcode in versions up to, and including, 3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...
CVE-2020-5565
Improper input validation vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows a remote authenticated attacker to alter the application's data via the applications 'Workflow' and 'MultiReport'...
Prompt Injection Flaw in Vanna AI Exposes Databases to RCE Attacks
Cybersecurity researchers have disclosed a high-severity security flaw in the Vanna.AI library that could be exploited to achieve remote code execution via prompt injection techniques. The vulnerability, tracked as CVE-2024-5565 (CVSS score: 8.1), relates to a case of prompt injection...
cy-ai-trainer (>=0.0.1 <=0.0.2), llama-index-packs-vanna (>=0.0.1 <=0.1.4) potentially affected by CVE-2024-5565 via vanna (>=0.0.30 <=0.0.36)
vanna PYPI version =0.0.30, =0.0.1, =0.0.1, =0.1.4 Source cves: CVE-2024-5565 Source advisory: OSV:GHSA-7735-W2JP-GVG6...
CVE-2024-5565
The Vanna library uses a prompt function to present the user with visualized results; it is possible to alter the prompt using prompt injection and run arbitrary Python code instead of the intended visualization code. Specifically - allowing external input to the library’s “ask” method with...
CVE-2024-5565
CVE-2024-5565 concerns the Vanna.AI library (Python) where prompt injection in the library’s ask API, with visualize set to True, can execute arbitrary Python code on the host, enabling remote code execution. The vulnerability arises from insufficient input validation in the prompt generation tha...
CVE-2024-5565 Prompt Injection in "ask" API with visualization leads to RCE
The Vanna library uses a prompt function to present the user with visualized results; it is possible to alter the prompt using prompt injection and run arbitrary Python code instead of the intended visualization code. Specifically - allowing external input to the library’s “ask” method with...
CVE-2023-5565 Shortcode Menu <= 3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Shortcode Menu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'shortmenu' shortcode in versions up to, and including, 3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...
CVE-2023-5565
CVE-2023-5565 – The Shortcode Menu plugin for WordPress is vulnerable to stored XSS via the shortmenu shortcode in versions up to and including 3.2. The root cause is insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires an authenticated user with ...
WordPress Shortcode Menu Plugin <= 3.2 is vulnerable to Cross Site Scripting (XSS)
Software: Shortcode Menu; Type: Plugin; Vulnerable versions: <= 3.2; Fixed in: N/A; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-5565; Patch priority: Low; CVSS severity: Low (6.5); PSID: f1e670460201; Credits: István Márton; Required...
Ubuntu: Security Advisory (USN-5565-1)
The remote host is missing an update for the...
Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-5565-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5565-1 advisory. Zhenpeng Lin discovered that the network packet scheduler implementation in the Linux kernel did not properly remove all references to a rout...