44 matches found
CVE-2026-6036
creationtimestamp| type| source ---|---|--- 2026-04-10 10:52:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mj55qyb6sb23 2026-04-10 11:16:18+00:00| published-proof-of-concept| Telegram/khgEEPiWkGL9WACMPfvZ8dGv1ooPTaC6hfehoeURB75s6dQ...
CVE-2026-6036 code-projects Vehicle Showroom Management System VehicleDetailsFunction.php sql injection
A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. The impacted element is an unknown function of the file /util/VehicleDetailsFunction.php. The manipulation of the argument VEHICLEID results in sql injection. The attack can be executed remotely. The exploit has be...
CVE-2024-6036
creationtimestamp| type| source ---|---|--- 2024-07-11 01:35:17+00:00| seen| https://t.me/cvedetector/602 2026-02-08 14:11:39+00:00| seen| https://gist.github.com/YLChen-007/4e4f45bcab2f61abff5f83cea7d2ef91...
CVE-2024-6036 Denial of Service in gaizhenbiao/chuanhuchatgpt
A vulnerability in gaizhenbiao/chuanhuchatgpt version 20240410 allows any user to restart the server at will by sending a specific request to the /queue/join? endpoint with "fnindex":66. This unrestricted server restart capability can severely disrupt service availability, cause data loss or...
WordPress Web3 – Crypto wallet Login & NFT token gating Plugin < 3.0.0 is vulnerable to Broken Authentication
Software Web3 – Crypto wallet Login & NFT token gating Type Plugin Vulnerable versions 3.0.0 Fixed in 3.0.0 OWASP Top 10 A2: Broken Authentication Classification Broken Authentication CVE CVE-2023-6036 Patch priority Low CVSS severity Low 9.8 Developer Claim ownership PSID 9bc7bba9b677 Credits...
CVE-2023-6036 Web3 – Crypto wallet Login & NFT token gating < 3.0.0 - Authentication Bypass
The Web3 WordPress plugin before 3.0.0 is vulnerable to an authentication bypass due to incorrect authentication checking in the login flow in functions 'handleauthrequest' and 'hadleloginrequest'. This makes it possible for non authenticated attackers to log in as any existing user on the site,...
CVE-2023-6036
CVE-2023-6036 affects the Web3 WordPress plugin before 3.0.0. The root cause is incorrect authentication checking in the login flow, specifically in the functions "handle_auth_request" and "handle_login_request" (note: some sources spell the second as 'hadle_login_request'). This enables an unaut...
CVE-2023-6036 Web3 – Crypto wallet Login & NFT token gating < 3.0.0 - Authentication Bypass
The Web3 WordPress plugin before 3.0.0 is vulnerable to an authentication bypass due to incorrect authentication checking in the login flow in functions 'handleauthrequest' and 'hadleloginrequest'. This makes it possible for non authenticated attackers to log in as any existing user on the site,...
CVE-2023-6036
creationtimestamp| type| source ---|---|--- 2024-02-01 11:03:14+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/9891 2024-02-01 15:08:01+00:00| published-proof-of-concept| Telegram/bOqPtzHEO1ZVbaDJKoLdYxD4kMdbp1u8MWZoepA-pgrQ 2024-02-12 17:21:58+00:00| seen|...
Exploit for Incorrect Authorization in Miniorange Web3_-_Crypto_Wallet_Login_\&_Nft_Token_Gating
CVE-2023-6036 POC about Wordpress plugin Web3 – Crypto wallet...
Ubuntu 22.04 ESM : PatchELF vulnerability (USN-6036-1)
The remote Ubuntu 22.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-6036-1 advisory. It was discovered that PatchELF was not properly performing bounds checks, which could lead to an out-of- bounds read via a specially crafted file. An attacker...
CVE-2019-6036
creationtimestamp| type| source ---|---|--- 2020-01-27 12:37:42+00:00| seen| https://t.me/cveNotify/445...
CVE-2019-6036
Cross-site scripting vulnerability in F-RevoCRM 6.0 to F-RevoCRM 6.5 patch6 version 6 series allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2018-6036
Insufficient data validation in V8 in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user data via a crafted HTML page...
CVE-2018-6036
Insufficient data validation in V8 in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user data via a crafted HTML page...
CVE-2018-6036
CVE-2018-6036 is an integer underflow in WebAssembly within Google Chrome64-bit era (V8) that could allow a remote attacker to leak user data via a crafted HTML page. The vulnerability was fixed in the Chrome stable update 64.0.3282.119; affected products are Google Chrome released before that v...
CVE-2018-14273
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Type confusion
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2018-14273
CVE-2018-14273 affects Foxit Reader (and related Foxit products) with a type confusion in the removeTemplate method that enables remote code execution. Exploitation requires user interaction (visiting a malicious page or opening a malicious file). The flaw allows code execution in the context of ...
Fedora Update for qt5-qtwebengine FEDORA-2018-e08d828ed9
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...