Linux Distros Unpatched Vulnerability : CVE-2016-5706

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - js/getscripts.js.php in phpMyAdmin 4.0.x before 4.0.10.16, 4.4.x before 4.4.15.7, and 4.6.x before 4.6.3 allows remote attackers to cause a denial of service vi...

CVE-2025-5706

A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /new-user-testing.php. The manipulation of the argument state leads to sql injection. The attack ca...

CVE-2025-5706 PHPGurukul Human Metapneumovirus Testing Management System new-user-testing.php sql injection

A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /new-user-testing.php. The manipulation of the argument state leads to sql injection. The attack ca...

CVE-2025-5706 PHPGurukul Human Metapneumovirus Testing Management System new-user-testing.php sql injection

A vulnerability was found in PHPGurukul Human Metapneumovirus Testing Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /new-user-testing.php. The manipulation of the argument state leads to sql injection. The attack ca...

CVE-2025-5706

CVE-2025-5706 affects PHPGurukul Human Metapneumovirus Testing Management System 1.0. The vulnerability is an SQL injection in the /new-user-testing.php file, triggered by manipulating the state parameter. It is exploitable remotely and was disclosed publicly, with multiple sources confirming the...

CVE-2024-5706

The product receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an identifier for a resource that may be outside the intended sphere of control. CWE-99 Hitachi Vantara Pentaho Data Integration & Analytics versions before...

CVE-2024-5706

creationtimestamp| type| source ---|---|--- 2025-02-20 01:48:26+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114033695538790847 2025-02-20 02:26:12+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lilagi25vc2p 2025-02-20 21:17:48+00:00| seen|...

CVE-2024-5706

The product receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an identifier for a resource that may be outside the intended sphere of control. CWE-99 Hitachi Vantara Pentaho Data Integration & Analytics versions before...

CVE-2024-5706 Hitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection')

The product receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an identifier for a resource that may be outside the intended sphere of control. CWE-99 Hitachi Vantara Pentaho Data Integration & Analytics versions before...

CVE-2024-5706

CVE-2024-5706 affects Hitachi Vantara Pentaho Data Integration & Analytics. Versions before 10.2.0.0 and 9.3.0.9, including 8.3.x, do not restrict JNDI identifiers when creating Community Dashboards, allowing control of system-level data sources and potentially enabling access to or modification ...

CVE-2024-5706 Hitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection')

The product receives input from an upstream component, but it does not restrict or incorrectly restricts the input before it is used as an identifier for a resource that may be outside the intended sphere of control. CWE-99 Hitachi Vantara Pentaho Data Integration & Analytics versions before...

CVE-2017-5706

creationtimestamp| type| source ---|---|--- 2024-08-29 16:29:32+00:00| seen| https://t.me/itsecnews/4642...

Debian: Security Advisory (DSA-5706-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MAL-2024-689 Malicious code in wlwz-2312-5706 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 356e7ffe98ea830e4904c05d1ad8bf2472092ebfacbf7ae956ee7383d85a6675 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2023-5706

CVE-2023-5706 affects the WordPress VK Blocks plugin: Stored XSS in the vk-blocks/ancestor-page-list block for all versions up to 1.63.0.1 due to insufficient input sanitization and output escaping on user attributes. Exploitation requires an authenticated user with contributor-level permissions ...

CVE-2023-5706 VK Blocks <= 1.63.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Block

The VK Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'vk-blocks/ancestor-page-list' block in all versions up to, and including, 1.63.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress VK Blocks Plugin <= 1.63.0.1 is vulnerable to Cross Site Scripting (XSS)

Software VK Blocks Type Plugin Vulnerable versions = 1.63.0.1 Fixed in 1.64.0.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5706 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2d60e9243083 Credits Lana Codes Required...

RHEL 9 : dotnet6.0 (RHSA-2023:5706)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:5706 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. N...

Ubuntu 20.04 LTS : Linux kernel (Azure CVM) vulnerabilities (USN-5706-1)

The remote Ubuntu 20.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5706-1 advisory. It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose...

Tenda HG6 3.3.0 Remote Command Injection Vulnerability

Tenda HG6 version 3.3.0 suffers from a remote command injection vulnerability. It can be exploited to inject and execute arbitrary shell commands through the pingAddr and traceAddr HTTP POST parameters in formPing, formPing6, formTracert and formTracert6 interfaces. Tenda HG6 v3.3.0 Remote Comman...