Linux Distros Unpatched Vulnerability : CVE-2024-37674

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross Site Scripting vulnerability in Moodle CMS v3.10 allows a remote attacker to execute arbitrary code via the Field Name name parameter of a new activity...

WordPress plugin HurryTimer 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

Web-School ERP 跨站脚本漏洞

Web-School ERP is a school management software for schools and educational organizations. A stored cross-site scripting vulnerability exists in the Activity Name and Description fields in Web-School ERP version 5.0. An attacker can exploit the vulnerability to inject and execute JavaScript code...

CVE-2018-16618

VTech Storio Max before 56.D3JM6 allows remote command execution via shell metacharacters in an Android activity name. It exposes the storeintenttranslate.x service on port 1668 listening for requests on localhost. Requests submitted to this service are checked for a string of random characters...