35 matches found
CVE-2025-8983 itsourcecode Online Tour and Travel Management System expense.php sql injection
A vulnerability was identified in itsourcecode Online Tour and Travel Management System 1.0. This issue affects some unknown processing of the file /admin/operations/expense.php. The manipulation of the argument expensefor leads to sql injection. The attack may be initiated remotely. The exploit...
CVE-2024-8983
Custom Twitter Feeds WordPress plugin before 2.2.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
CVE-2019-8983
MDaemon Webmail 14.x through 18.x before 18.5.2 has XSS issue 1 of 2...
Linux Distros Unpatched Vulnerability : CVE-2015-8983
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cau...
CVE-2024-8983
creationtimestamp | type | source
---|---|---
2024-10-08 08:41:23+00:00 | seen | https://t.me/cvedetector/7315...
CVE-2024-8983 Custom Twitter Feeds < 2.2.3 - Admin+ Stored XSS
Custom Twitter Feeds WordPress plugin before 2.2.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...
CVE-2024-8983 Custom Twitter Feeds < 2.2.3 - Admin+ Stored XSS
Custom Twitter Feeds WordPress plugin before 2.2.3 is not filtering some of its settings allowing high privilege users to inject scripts...
WordPress Custom Twitter Feeds (Tweets Widget) Plugin < 2.2.3 is vulnerable to Cross Site Scripting (XSS)
Software: Custom Twitter Feeds Tweets Widget; Type: Plugin; Vulnerable versions: 2.2.3; Fixed in: 2.2.3; OWASP Top 10: A7: Cross-Site Scripting XSS; Classification: Cross Site Scripting XSS; CVE: CVE-2024-8983; Patch priority: Low; CVSS severity: Low 5.9; Developer: Claim ownership; PSID: 3fd03697ab47; Credits: Krugov...
CGA-39JP-8983-J26H
Bulletin has no description...
CGA-QPG8-XQRV-8983
Bulletin has no description...
CGA-CXGG-J24V-8983
Bulletin has no description...
Apache Solr Backup/Restore API Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Solr Backup/Restore APIs RCE', 'Description' = %q Apache Solr from 6.0.0 through 8.11.2, from 9.0.0 before 9.4.1 is affected by an...
K39204079: GNU C Library vulnerability CVE-2015-8983
Security Advisory Description: Integer overflow in the _IO_wstr_overflow function in libio/wstrops.c in the GNU C Library (aka glibc or libc6) before 2.22 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via vectors related to computin...
SUSE SLES11 Security Update : glibc (SUSE-SU-2022:14923-1)
The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:14923-1 advisory. - Integer overflow in the strxfrm function in the GNU C Library aka glibc or libc6 before 2.21 allows context-dependent attackers to cause a...
SUSE: Security Advisory (SUSE-SU-2022:14923-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2020-8983
CVE-2020-8983 describes an arbitrary file write vulnerability in all versions of Citrix ShareFile StorageZones Controller, enabling remote code execution and broad file access in hosted ShareFile environments. Exploitation depends on the storage zone creation version (5.9.0, 5.8.0, 5.7.0, 5.6.0, ...
Warning: Citrix ShareFile Flaw Could Let Attackers Steal Corporate Secrets
Since the past few weeks, software giant Citrix has privately been rolling out a critical software update to its enterprise customers that patches multiple security vulnerabilities affecting Citrix ShareFile content collaboration platform. The security advisory—about which The Hacker News learned...
Citrix ShareFile storage zones Controller multiple security updates
Description of Problem Security issues have been identified in customer-managed Citrix ShareFile storage zone controllers. These vulnerabilities, if exploited, would allow an unauthenticated attacker to compromise the storage zones controller potentially giving an attacker the ability to access...
CVE-2019-8983
MDaemon Webmail 14.x–18.x prior to 18.5.2 is affected by a cross-site scripting (XSS) vulnerability in the Webmail interface (described as issue 1 of 2). Root cause details are not explicitly provided in the supplied sources. Mitigation: upgrade to 18.5.2 or later (as implied by the fixed version...