CVE-2026-6488

creationtimestamp| type| source ---|---|--- 2026-04-17 15:03:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjp72clfsr2q...

CVE-2026-6488

A vulnerability was identified in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This vulnerability affects unknown code of the file admin/editcourse.php of the component GET Request Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be...

CVE-2026-6488

CVE-2026-6488 affects QueryMine sms, specifically the admin/editcourse.php code path under the GET Request Parameter Handler. The root cause is SQL injection triggered by manipulating the argument ID, allowing remote exploitation. Public exploit appears to be available; the disclosure notes rolli...

MiracleLinux 9 : libvpx-1.9.0-7.el9.ML.1 (AXSA:2023-6488:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6488:01 advisory. libvpx: Heap buffer overflow in vp8 encoding in libvpx CVE-2023-5217 libvpx: crash related to VP9 encoding in libvpx CVE-2023-44488 Tenable has...

Siemens SIMATIC S7-1500 Improper Resource Shutdown or Release (CVE-2019-6488)

The string component in the GNU C Library aka glibc or libc6 through 2.28, when running on the x32 architecture, incorrectly attempts to use a 64-bit register for sizet in assembly codes, which can lead to a segmentation fault or possibly unspecified other impact, as demonstrated by a crash in...

CVE-2025-6488

creationtimestamp| type| source ---|---|--- 2025-06-27 04:51:44+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/19665 2025-06-27 08:19:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lsl7fafnei2r...

CVE-2025-6488

The CVE-2025-6488 isMobile WordPress plugin is vulnerable to Stored Cross-Site Scripting via the device parameter in all versions up to and including 1.1.1 due to insufficient input sanitization and output escaping. Authentication requirement: attacker must have Contributor-level access or higher...

CVE-2025-6488 isMobile <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via device Parameter

The isMobile plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘device’ parameter in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and...

WordPress isMobile plugin <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via device Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via device Parameter vulnerability discovered by Gilang in WordPress Plugin isMobile Shortcode for WordPress versions = 1.1.1...

CVE-2023-6488

creationtimestamp| type| source ---|---|--- 2024-01-12 10:36:50+00:00| seen| https://t.me/ctinow/167185...

CVE-2023-6488

The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'subutton', 'sumembers', and 'sutabs' shortcodes in all versions up to, and including, 7.0.0 due to insufficient input sanitization and output escaping on user supplie...

CVE-2023-6488

CVE-2023-6488 concerns the WP Shortcodes Plugin — Shortcodes Ultimate for WordPress. The issue is a stored cross-site scripting (XSS) vulnerability in the plugin’s shortcodes (su_button, su_members, su_tabs) present in all versions up to 7.0.0. The root cause is insufficient input sanitization an...

WordPress Shortcodes Ultimate Plugin <= 7.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Shortcodes Ultimate Type Plugin Vulnerable versions = 7.0.0 Fixed in 7.0.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6488 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 3b6d59c7090f Credits Webbernaut Required...

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : strongSwan vulnerability (USN-6488-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by a vulnerability as referenced in the USN-6488-1 advisory. Florian Picca discovered that strongSwan incorrectly handled certain DH public values. A remote attacker could use this issue to cause...

CVE-2019-6488 affecting package glibc 2.28-24

CVE-2019-6488 affecting package glibc 2.28-24. A patched version of the package is available...

CVE-2012-6488

CVE-2012-6488 is rejected/not used per the Initial Description.

Fedora: Security Advisory for chromium (FEDORA-2020-08561721ad)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:0832-1 Rating: important References: 1170107 1171910 1171975 1172496 Cross-References: CVE-2020-6463 CVE-2020-6465 CVE-2020-6466 CVE-2020-6467 CVE-2020-6468 CVE-2020-6469 CVE-2020-6470 CVE-2020-6471...

Security update for chromium (important)

openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2020:0823-1 Rating: important References: 1170107 1171910 1171975 1172496 Cross-References: CVE-2020-6463 CVE-2020-6465 CVE-2020-6466 CVE-2020-6467 CVE-2020-6468 CVE-2020-6469 CVE-2020-6470 CVE-2020-6471...

GLSA-202006-04 : glibc: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202006-04 glibc: Multiple vulnerabilities Multiple vulnerabilities have been discovered in glibc. Please review the CVE identifiers referenced below for details. Impact : Please review the referenced CVE identifiers for details...