CVE-2026-6133

creationtimestamp| type| source ---|---|--- 2026-04-13 00:51:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjdnlh3wpc2a 2026-04-13 01:17:28+00:00| published-proof-of-concept| Telegram/A9AkdEoDX482Ts0y8kQA9I8MkTC9694Q14KUe3E0K9rcYHU 2026-04-30 21:37:08+00:00| seen|...

MiracleLinux 4 : polkit-0.96-11.AXS4.1 (AXSA:2019-3772:01)

The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3772:01 advisory. Security Fix - PolicyKitfork CVE-2019-6133 CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 7 : polkit-0.112-18.el7.1 (AXSA:2019-3762:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3762:02 advisory. Security Fix - PolicyKitfork CVE-2019-6133 CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the preceding description block directly from the MiracleLinux...

Linux Distros Unpatched Vulnerability : CVE-2019-6133

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In PolicyKit aka polkit 0.115, the start time protection mechanism can be bypassed because fork is not atomic, and therefore authorization decisions are...

CVE-2025-6133

creationtimestamp| type| source ---|---|--- 2025-06-16 19:41:00+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18518 2025-06-16 19:59:49+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrqrfclxh42k...

CVE-2025-6133 Projectworlds Life Insurance Management System insertagent.php sql injection

A vulnerability was found in Projectworlds Life Insurance Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /insertagent.php. The manipulation of the argument agentid leads to sql injection. The attack may be launched remotely. The...

CVE-2025-6133 Projectworlds Life Insurance Management System insertagent.php sql injection

A vulnerability was found in Projectworlds Life Insurance Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /insertagent.php. The manipulation of the argument agentid leads to sql injection. The attack may be launched remotely. The...

TencentOS Server 3: polkit (TSSA-2022:0004)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0004 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Alibaba Cloud Linux 3 : 0004: polkit (ALINUX3-SA-2022:0004)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0004 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-6133: In PolicyKit aka polkit...

WordPress WP eStore Plugin < 8.5.6 is vulnerable to Cross Site Scripting (XSS)

Software WP eStore Type Plugin Vulnerable versions 8.5.6 Fixed in 8.5.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6133 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 0478cdd4af65 Credits Bob Matyas Required...

CVE-2024-6133 WP eStore < 8.5.6 - Reflected XSS in Customer Search

The wp-cart-for-digital-products WordPress plugin before 8.5.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-6133 WP eStore < 8.5.6 - Reflected XSS in Customer Search

The wp-cart-for-digital-products WordPress plugin before 8.5.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-6133

The vulnerability CVE-2024-6133 affects the WordPress plugin wp-cart-for-digital-products (pre-8.5.6). The issue is a Reflected Cross-Site Scripting flaw where a parameter is not sanitized/escaped before output, potentially affecting high-privilege users (e.g., admins). Root cause: inadequate inp...

CVE-2023-6133

The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient blacklisting on the 'forminatorallowedmimetypes' function in versions up to, and including, 1.27.0. This makes it possible for authenticated attackers with administrator-level capabilities or above to...

CVE-2023-6133

Summary (CVE-2023-6133): The Forminator plugin for WordPress (affected:

WordPress Forminator Plugin <= 1.27.0 is vulnerable to Arbitrary File Upload

Software Forminator Type Plugin Vulnerable versions = 1.27.0 Fixed in 1.28.0 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-6133 Patch priority Low CVSS severity Low 6.6 Developer WPMU DEV PSID e543496c8db2 Credits István Márton Required privilege Administrator...

Ubuntu: Security Advisory (USN-6133-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 22.04 LTS : Linux kernel (Intel IoTG) vulnerabilities (USN-6133-1)

The remote Ubuntu 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6133-1 advisory. It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some...

Debian: Security Advisory (DLA-298-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

K25033460: TMM vulnerability CVE-2017-6133

Security Advisory Description In F5 BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM and WebSafe software version 13.0.0 and 12.1.0 - 12.1.2, undisclosed HTTP requests may cause a denial of service. CVE-2017-6133 Impact The Traffic Management Microkernel TMM generates a core...