ROOT-OS-UBUNTU-2204-CVE-2026-5704 CVE-2026-5704 in rootio-tar - Patched by Root

Root has patched CVE-2026-5704 in the rootio-tar package for Root:Ubuntu:22.04. Multiple fixed versions available...

ROOT-OS-DEBIAN-13-CVE-2026-5704 CVE-2026-5704 in rootio-tar - Patched by Root

Root has patched CVE-2026-5704 in the rootio-tar package for Root:Debian:13. Multiple fixed versions available...

DEBIAN-CVE-2026-5704

A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, potentially allowing an attacker to introduce malicious files...

Linux Distros Unpatched Vulnerability : CVE-2016-5704

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-site scripting XSS vulnerability in the table-structure page in phpMyAdmin 4.6.x before 4.6.3 allows remote attackers to inject arbitrary web script or HT...

CVE-2025-5704

A vulnerability was found in code-projects Real Estate Property Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /Admin/User.php. The manipulation of the argument txtUserName leads to sql injection. The attack may be initiated remotely. The...

CVE-2025-5704

A vulnerability was found in code-projects Real Estate Property Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /Admin/User.php. The manipulation of the argument txtUserName leads to sql injection. The attack may be initiated remotely. The...

CVE-2025-5704 code-projects Real Estate Property Management System User.php sql injection

A vulnerability was found in code-projects Real Estate Property Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /Admin/User.php. The manipulation of the argument txtUserName leads to sql injection. The attack may be initiated remotely. The...

CVE-2025-5704

CVE-2025-5704 affects code-projects Real Estate Property Management System 1.0. The vulnerability arises from improper handling of the txtUserName parameter in /Admin/User.php, enabling SQL injection. Exploitation could be remote and an exploit has been disclosed publicly. The available reference...

CVE-2024-5704

The XPlainer – WooCommerce Product FAQ WooCommerce Accordion FAQ Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions i.e. ffwinsertnewfaq, ffwhidediscountnotice, ffwdeleteallfaqs, ffwdeletesinglefaq, etc... in all...

CVE-2023-5704

The CPO Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...

CVE-2024-5704

creationtimestamp| type| source ---|---|--- 2024-07-09 11:49:54+00:00| seen| https://t.me/cvedetector/284...

CVE-2024-5704 XPlainer – WooCommerce Product FAQ [WooCommerce Accordion FAQ Plugin] <= 1.7.0 - Missing Authorization to Authenticated (Subscriber+) Settings Update

The XPlainer – WooCommerce Product FAQ WooCommerce Accordion FAQ Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several functions i.e. ffwinsertnewfaq, ffwhidediscountnotice, ffwdeleteallfaqs, ffwdeletesinglefaq, etc... in all...

WordPress XPlainer - WooCommerce Product FAQ Plugin <= 1.7.0 is vulnerable to Broken Access Control

Software XPlainer - WooCommerce Product FAQ Type Plugin Vulnerable versions = 1.7.0 Fixed in 1.7.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5704 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 2fd8e7762c97 Credits Lucio Sá...

Malicious code in wlwz-2312-5704 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 99f69006e962bd90121a5cca0256073907afb49eb5be40e38cc1dab7ae1e8f36 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-5704

The CPO Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.5.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers...

WordPress CPO Shortcodes Plugin <= 1.5.0 is vulnerable to Cross Site Scripting (XSS)

Software CPO Shortcodes Type Plugin Vulnerable versions = 1.5.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5704 Patch priority Low CVSS severity Low 6.4 Developer Claim ownership PSID 2297e8ebd0f5 Credits István Márton Required...

Oracle Linux 6 : httpd (ELSA-2015-1249)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2015-1249 advisory. - core: fix bypassing of modheaders rules via chunked requests CVE-2013-5704 Tenable has extracted the preceding description block directly from the Oracle Linu...

K16863: Apache vulnerability CVE-2013-5704

Security Advisory Description The modheaders module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in...

Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS : DBus vulnerabilities (USN-5704-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5704-1 advisory. It was discovered that DBus incorrectly handled messages with invalid type signatures. A local attacker could possibl...

Slackware: Security Advisory (SSA:2015-111-03)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...