CVE-2025-5790

A vulnerability classified as critical was found in TOTOLINK X15 1.0.0-B20230714.1105. This vulnerability affects unknown code of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow. The attack can be initiated...

CVE-2025-5790

creationtimestamp| type| source ---|---|--- 2025-06-06 19:13:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lqxk4thb352k...

CVE-2025-5790 TOTOLINK X15 HTTP POST Request formIpQoS buffer overflow

A vulnerability classified as critical was found in TOTOLINK X15 1.0.0-B20230714.1105. This vulnerability affects unknown code of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow. The attack can be initiated...

CVE-2020-5790

Cross-site request forgery in Nagios XI 5.7.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link...

Debian: Security Advisory (DSA-5790-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

WordPress Happy Addons for Elementor Plugin <= 3.11.1 is vulnerable to Cross Site Scripting (XSS)

Software Happy Addons for Elementor Type Plugin Vulnerable versions = 3.11.1 Fixed in 3.11.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5790 Patch priority Low CVSS severity Low 6.5 Developer Leevio PSID 2562e9b6d866 Credits wesley wcraft Requir...

CVE-2024-5790

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ attribute within the plugin's Gradient Heading widget in all versions up to, and including, 3.11.1 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2024-5790 Happy Addons for Elementor <= 3.11.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gradient Heading Widget

The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ attribute within the plugin's Gradient Heading widget in all versions up to, and including, 3.11.1 due to insufficient input sanitization and output escaping. This makes it possible for...

CVE-2023-5790

creationtimestamp| type| source ---|---|--- 2023-10-26 20:16:12+00:00| seen| https://t.me/cibsecurity/72990...

CVE-2023-5790 SourceCodester File Manager App add-file.php unrestricted upload

A vulnerability classified as critical was found in SourceCodester File Manager App 1.0. Affected by this vulnerability is an unknown functionality of the file endpoint/add-file.php. The manipulation of the argument uploadedFileName leads to unrestricted upload. The attack can be launched remotel...

CVE-2023-5790

CVE-2023-5790 affects SourceCodester File Manager App 1.0A vulnerability in the file endpoint add-file.php allows unrestricted upload by manipulating the uploadedFileName parameter. The issue is exploitable remotely and is confirmed across multiple sources; public disclosure is noted. The root ca...

Oracle Linux 8 : python-reportlab (ELSA-2023-5790)

The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2023-5790 advisory. 3.4.0-8.1 - python-reportlab: code injection in paraparser.py allows code execution CVE-2019-19450 Tenable has extracted the preceding description block directl...

RHEL 8 : python-reportlab (RHSA-2023:5790)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:5790 advisory. Python-reportlab is a library used for generation of PDF documents. Security Fixes: python-reportlab: code injection in paraparser.py allows code...

Oracle Linux 7 : grub2 (ELSA-2020-5790)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5790 advisory. - Fix CVE-2020-10713, CVE-2020-14308, CVE-2020-14309, CVE-2020-14310, CVE-2020-14311, CVE-2020-15705, CVE-2020-15706, CVE-2020-15707 Orabug: 31225072...

CVE-2020-5790

creationtimestamp| type| source ---|---|--- 2020-10-21 02:50:18+00:00| seen| https://t.me/cibsecurity/15430...

CVE-2020-5790

Cross-site request forgery in Nagios XI 5.7.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link...

CVE-2020-5790

CVE-2020-5790 is a CSRF in Nagios XI 5.7.3 that allows an attacker to induce a logged-in user to perform sensitive actions by clicking a crafted link. Affected product: Nagios XI; root cause: cross-site request forgery. Impact: sensitive application operations potentially executed by an authentic...

CVE-2019-5790

An integer overflow leading to an incorrect capacity of a buffer in JavaScript in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

CVE-2019-5790

An integer overflow leading to an incorrect capacity of a buffer in JavaScript in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page...

CVE-2019-5790

creationtimestamp| type| source ---|---|--- 2019-04-21 17:32:02+00:00| seen| https://t.me/antichat/4564 2019-04-21 19:01:13+00:00| published-proof-of-concept| https://t.me/R0Crew/1057 2019-05-23 20:48:18+00:00| seen| https://t.me/cvemitreorg/266...