CVE-2026-7295

creationtimestamp| type| source ---|---|--- 2026-04-28 21:05:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mklif7mghe2r...

CVE-2026-7295 SourceCodester Pizzafy Ecommerce System ajax.php save_menu cross site scripting

A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function savemenu of the file /admin/ajax.php?action=savemenu. Such manipulation of the argument Name leads to cross site scripting. The attack may be launched remotely. The exploit has be...

CVE-2019-7295

typora through 0.9.63 has XSS, with resultant remote command execution, during block rendering of a mathematical formula...

Linux Distros Unpatched Vulnerability : CVE-2015-7295

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - hw/virtio/virtio.c in the Virtual Network Device virtio-net support in QEMU, when big or mergeable receive buffers are not supported, allows remote attackers to...

CVE-2024-7295

In Progress® Telerik® Report Server versions prior to 2024 Q4 10.3.24.1112, the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information...

Progress Telerik Report Server <= 10.2.24.924 Encryption Weakness (CVE-2024-7295)

The version of Progress Telerik Report Server installed on the remote host is affected by an encryption weakness vulnerability: - The encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information. CVE-2024-7295 Note that Nessus has not...

CVE-2024-7295

In Progress® Telerik® Report Server versions prior to 2024 Q4 10.3.24.1112, the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information...

CVE-2024-7295 Hard-coded credentials used for temporary and cache data encryption

In Progress® Telerik® Report Server versions prior to 2024 Q4 10.3.24.1112, the encryption of local asset data used an older algorithm which may allow a sophisticated actor to decrypt this information...

CVE-2023-7295

creationtimestamp| type| source ---|---|--- 2024-10-16 11:20:51+00:00| seen| https://t.me/cvedetector/8036...

CVE-2023-7295 Video Grid <= 1.21 - Reflected Cross-Site Scripting

The Video Grid plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the searchterm parameter in versions up to, and including, 1.21 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...

Mageia: Security Advisory (MGASA-2014-0059)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-7295

Privilege Escalation vulnerability in McAfee Web Gateway MWG prior to 9.2.1 allows authenticated user interface user to delete or download protected log data via improper access controls in the user interface...

CVE-2020-7295 Web Gateway (MWG) - Privilege Escalation vulnerability

Privilege Escalation vulnerability in McAfee Web Gateway MWG prior to 9.2.1 allows authenticated user interface user to delete or download protected log data via improper access controls in the user interface...

CVE-2020-7295

CVE-2020-7295 is a privilege-escalation vulnerability in McAfee Web Gateway (MWG) prior to version 9.2.1. An authenticated UI user can delete or download protected log data due to improper access controls in the user interface. This description is consistently reported across multiple sources (NV...

EulerOS 2.0 SP3 : qemu-kvm (EulerOS-SA-2020-1430)

According to the versions of the qemu-kvm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libslirp 4.1.0, as used in QEMU 4.2.0, tcpsubr.c misuses snprintf return values, leading to a buffer overflow in later code.CVE-2020-8608 -...

CVE-2019-7295

Typora

CVE-2018-7295

The CVE affects ffxivlauncher.exe in Square Enix Final Fantasy XIV for Windows (versions 4.21 and 4.25). Root cause: Improper enforcement of message integrity during transmission in a communication channel, where a session retrieves global.js via http before proceeding to use https. This enables ...

CVE-2018-7295

ffxivlauncher.exe in Square Enix Final Fantasy XIV 4.21 and 4.25 on Windows is affected by Improper Enforcement of Message Integrity During Transmission in a Communication Channel, allowing a man-in-the-middle attacker to steal user credentials because a session retrieves global.js via http befor...

CVE-2017-7295

CVE-2017-7295 affects Contiki OS 3.0: use-after-free in httpd-simple.c within cc26xx-web-demo httpd. On connection close, http_state is not deallocated, causing a NULL pointer dereference in output processing and a board crash, i.e., denial of service. Connected docs confirm the vulnerability det...

CVE-2016-7295

Technical details about CVE-2016-7295 are not publicly provided in the supplied documents. The CLFS information-disclosure vulnerability details, affected products/versions, and fixes are not elaborated here. Monitor for updates from official advisories.