CVE-2026-6340

creationtimestamp| type| source ---|---|--- 2026-05-18 08:32:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mm4hmztahz2c...

CVE-2008-6340

Cross-site scripting XSS vulnerability in the Vox populi mvvoxpopuli extension 0.3.0 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2025-6340

A vulnerability classified as problematic has been found in code-projects School Fees Payment System 1.0. This affects an unknown part of the file /branch.php. The manipulation of the argument Branch/Address/Detail leads to cross site scripting. It is possible to initiate the attack remotely. The...

CVE-2025-6340 code-projects School Fees Payment System branch.php cross site scripting

A vulnerability classified as problematic has been found in code-projects School Fees Payment System 1.0. This affects an unknown part of the file /branch.php. The manipulation of the argument Branch/Address/Detail leads to cross site scripting. It is possible to initiate the attack remotely. The...

CVE-2025-6340 code-projects School Fees Payment System branch.php cross site scripting

A vulnerability classified as problematic has been found in code-projects School Fees Payment System 1.0. This affects an unknown part of the file /branch.php. The manipulation of the argument Branch/Address/Detail leads to cross site scripting. It is possible to initiate the attack remotely. The...

CVE-2024-6340

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 4.10.36 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2020-6340

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...

CVE-2024-6340 Premium Addons for Elementor <= 4.10.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 4.10.36 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2024-6340

The CVE-2024-6340 entry concerns Premium Addons for Elementor (WordPress). It describes a Stored Cross-Site Scripting (XSS) vulnerability in the Countdown widget, caused by insufficient input sanitization and output escaping for user-supplied attributes. Affected versions are all up to and includ...

CVE-2024-6340 Premium Addons for Elementor <= 4.10.36 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Widget

The Premium Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Countdown widget in all versions up to, and including, 4.10.36 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress Premium Addons for Elementor Plugin <= 4.10.35 is vulnerable to Cross Site Scripting (XSS)

Software Premium Addons for Elementor Type Plugin Vulnerable versions = 4.10.35 Fixed in 4.10.36 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6340 Patch priority Low CVSS severity Low 6.5 Developer LeapWorx PSID f50506540d4a Credits Webbernaut...

RHEL 7 : qci (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - QCI: uses MD5 as password hash algorithm on deployed systems CVE-2016-6340 Note that Nessus has not tested for this...

Imperva uncovers new Indicators of Compromise for FBI and CISA-flagged AndroxGh0st botnet

On January 16, a joint alert from FBI and CISA warned about a concerning development: the emergence of a botnet driven by AndroxGh0st malware targeting vulnerable applications and web servers. AndroxGh0st is a Python-based malware, first seen in late 2022, designed to target Laravel .env files an...

CVE-2023-6340

SonicWall reports that Capture Client 3.7.10 and NetExtender Windows client 10.2.337 and earlier install with the sfpmonitor.sys driver. The driver has a stack-based buffer overflow that can be triggered by crafted queries, leading to Denial of Service and potentially kernel memory overwrite with...

SFPMonitor.sys KOOB Write vulnerability

SonicWall Capture Client version 3.7.10 and NetExtender Client Windows client 10.2.337 and earlier versions are being installed with sfpmonitor.sys driver. The client applications communicate with the driver through queries. The driver method that handles those queries has Stack-based Buffer...

Oracle Linux 9 : xorg-x11-server (ELSA-2023-6340)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-6340 advisory. 1.20.11-19 - Backport fix for a deadlock with DRI3 Resolves: rhbz2192550 1.20.11-18 - CVE fix for: CVE-2023-1393 Resolves: rhbz2180297 Tenable has extracted the...

RHEL 9 : xorg-x11-server (RHSA-2023:6340)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:6340 advisory. X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user...

Ubuntu: Security Advisory (USN-6340-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2013-0347)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2013:1784-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...