CVE-2026-8131

SourceCodester SUP Online Shopping 1.0 contains a SQL injection in /admin/replymsg.php via the msgid parameter. The affected component is a server-side PHP script handling admin replies. Exploitation is remote and the vulnerability is evidenced by publicly released exploits; CVSS data indicate a ...

CVE-2025-8131 Tenda AC20 SetStaticRouteCfg stack-based overflow

A vulnerability was found in Tenda AC20 16.03.08.05. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be launched remotely...

CVE-2025-8131 Tenda AC20 SetStaticRouteCfg stack-based overflow

A vulnerability was found in Tenda AC20 16.03.08.05. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /goform/SetStaticRouteCfg. The manipulation of the argument list leads to stack-based buffer overflow. The attack can be launched remotely...

Oracle Linux 10 : ruby (ELSA-2025-8131)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-8131 advisory. - Fix Net::IMAP vulnerable to possible DoS by memory exhaustion. CVE-2025-25186 - Fix Denial of Service in CGI::Cookie.parse. CVE-2025-27219 Resolves:...

CVE-2019-8131

A stored cross-site scripting XSS vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code into code field of an inventory source...

CVE-2024-8131

creationtimestamp| type| source ---|---|--- 2024-08-24 20:43:41+00:00| seen| https://t.me/cvedetector/4061...

CVE-2019-8131

creationtimestamp| type| source ---|---|--- 2024-02-04 14:41:17+00:00| seen| https://t.me/ctinow/178833...

CVE-2016-8131

...

CVE-2016-8131

CVE-2016-8131 is rejected/not used; not an active vulnerability entry.

CVE-2020-8131

Arbitrary filesystem write vulnerability in Yarn before 1.22.0 allows attackers to write to any path on the filesystem and potentially lead to arbitrary code execution by forcing the user to install a malicious package...

CVE-2020-8131

CVE-2020-8131 describes an arbitrary filesystem write vulnerability in Yarn before 1.22.0 , enabling an attacker to write to arbitrary paths and potentially achieve arbitrary code execution by coercing the user to install a malicious package. Affected component: yarn (versions prior to 1.22.0). R...

CVE-2019-8131

A stored cross-site scripting XSS vulnerability exists in Magento 2.2 prior to 2.2.10, Magento 2.3 prior to 2.3.3 or 2.3.2-p1. An authenticated user can inject arbitrary JavaScript code into code field of an inventory source...

CVE-2019-8131

CVE-2019-8131 is a stored XSS vulnerability in Magento 2.2 (pre-2.2.10) and Magento 2.3 (pre-2.3.3 or pre-2.3.2-p1). An authenticated user can inject arbitrary JavaScript into the code field of an inventory source, enabling client-side code execution. The available connected sources confirm the a...

CVE-2017-8131

The CVE-2017-8131 entry applies to FusionSphere OpenStack (software versions V100R006C00/V100R006C10). It describes a command injection vulnerability caused by insufficient input validation on four TCP listening ports, allowing an unauthenticated attacker to execute commands and gain root privile...

CVE-2015-8131

Cross-site request forgery CSRF vulnerability in Elasticsearch Kibana before 4.1.3 and 4.2.x before 4.2.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

CVE-2015-8131

Cross-site request forgery CSRF vulnerability in Elasticsearch Kibana before 4.1.3 and 4.2.x before 4.2.1 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors...

CVE-2015-8131

Elastic Kibana is affected by a Cross-site Request Forgery (CSRF) vulnerability. Affected versions are Kibana prior to 4.1.3 and 4.2.x prior to 4.2.1. The issue allows a remote attacker to hijack the authentication of unspecified victims via unknown vectors. The root cause is a CSRF flaw in Kiban...

Kibana Cross-site Request Forgery CVE-2015-8131

CVE: CVE-2015-8131 Affected versions: All versions up to and including 4.1.2 and 4.2.0. The vulnerability is a cross-site request forgery CSRF or XSRF that could allow an attacker to read and write changes to the .kibana index or gain read and write access to Kibana plugin actions. Remediation: A...

Gentoo Security Advisory GLSA 201412-36

Gentoo Linux Local Security Checks GLSA 201412-36 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Oracle Linux 7 : libvirt (ELSA-2015-0323)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0323 advisory. - qemu: migration: Unlock vm on failed ACL check in protocol v2 APIs CVE-2014-8136 - CVE-2015-0236: qemu: Check ACLs when dumping security info from sa...