2341 matches found
Bootstrap Cross-Site Scripting (XSS) vulnerability
A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting XSS attacks. The issue is present in the carousel component, where the data-slide and data-slide-to attributes can be exploited through the href attribute of an tag due to inadequate sanitization. This...
Number withdrawn
Bootstrap is an open source web front-end framework developed using HTML, CSS, and JavaScript by Bootstrap, Inc. This CVE number has been withdrawn...
Bootstrap Cross-Site Scripting (XSS) vulnerability
A vulnerability has been identified in Bootstrap that exposes users to Cross-Site Scripting XSS attacks. The issue is present in the carousel component, where the data-slide and data-slide-to attributes can be exploited through the href attribute of an tag due to inadequate sanitization. This...
CVE-2024-37462
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in G5Theme Ultimate Bootstrap Elements for Elementor allows Path Traversal.This issue affects Ultimate Bootstrap Elements for Elementor: from n/a through 1.4.2...
CVE-2024-37462 WordPress Ultimate Bootstrap Elements for Elementor plugin <= 1.4.2 - Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in G5Theme Ultimate Bootstrap Elements for Elementor allows Path Traversal.This issue affects Ultimate Bootstrap Elements for Elementor: from n/a through 1.4.2...
CVE-2024-37462 WordPress Ultimate Bootstrap Elements for Elementor plugin <= 1.4.2 - Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in G5Theme Ultimate Bootstrap Elements for Elementor allows Path Traversal.This issue affects Ultimate Bootstrap Elements for Elementor: from n/a through 1.4.2...
CVE-2024-37462
CVE-2024-37462 is an LFI/path traversal vulnerability in the Ultimate Bootstrap Elements for Elementor plugin. Public details identify affected software as Ultimate Bootstrap Elements for Elementor (1.0 through 1.4.2) and describe improper restriction of a pathname to a restricted directory, enab...
PT-2024-27573 · Unknown · G5Theme Ultimate Bootstrap Elements For Elementor
Name of the Vulnerable Software and Affected Versions: G5Theme Ultimate Bootstrap Elements for Elementor versions n/a through 1.4.2 Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as a 'Path Traversal' vulnerability. This allows...
WordPress plugin Ultimate Bootstrap Elements for Elementor Path Traversal Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...
CVE-2024-6526
A vulnerability classified as problematic has been found in CodeIgniter Ecommerce-CodeIgniter-Bootstrap up to 1998845073cf433bc6c250b0354461fbd84d0e03. This affects an unknown part. The manipulation of the argument searchtitle/catName/sub/name/categorie leads to cross site scripting. It is possib...
CVE-2024-6526
A vulnerability classified as problematic has been found in CodeIgniter Ecommerce-CodeIgniter-Bootstrap up to 1998845073cf433bc6c250b0354461fbd84d0e03. This affects an unknown part. The manipulation of the argument searchtitle/catName/sub/name/categorie leads to cross site scripting. It is possib...
CVE-2024-6526 CodeIgniter Ecommerce-CodeIgniter-Bootstrap cross site scripting
A vulnerability classified as problematic has been found in CodeIgniter Ecommerce-CodeIgniter-Bootstrap up to 1998845073cf433bc6c250b0354461fbd84d0e03. This affects an unknown part. The manipulation of the argument searchtitle/catName/sub/name/categorie leads to cross site scripting. It is possib...
CVE-2024-6526
CVE-2024-6526 affects CodeIgniter Ecommerce-CodeIgniter-Bootstrap. The vulnerability arises from manipulation of the arguments search_title, catName, sub, name, and categorie, which leads to cross-site scripting (XSS). It can be exploited remotely, and public exploits/ PoC have been disclosed. A ...
PT-2024-37690 · Unknown · Codeigniter
Name of the Vulnerable Software and Affected Versions: CodeIgniter Ecommerce-CodeIgniter-Bootstrap up to 1998845073cf433bc6c250b0354461fbd84d0e03 Description: A problematic vulnerability has been found in CodeIgniter Ecommerce-CodeIgniter-Bootstrap. The manipulation of the argument search...
CBL Mariner 2.0 Security Update: javapackages-bootstrap (CVE-2023-37460)
The version of javapackages-bootstrap installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-37460 advisory. - Plexis Archiver is a collection of Plexus components to create archives or extract archives ...
WordPress Ultimate Bootstrap Elements for Elementor plugin <= 1.4.2 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Ultimate Bootstrap Elements for Elementor versions = 1.4.2...
WordPress Ultimate Bootstrap Elements for Elementor Plugin <= 1.4.2 is vulnerable to Local File Inclusion
Software Ultimate Bootstrap Elements for Elementor Type Plugin Vulnerable versions = 1.4.2 Fixed in 1.4.3 OWASP Top 10 A1: Broken Access Control Classification Local File Inclusion CVE CVE-2024-37462 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID a8f9d8a5eba6 Credits João...
Malicious code in bootstrap-sass-official (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ad2a7bd842611f44470a65604ac8bbe370ada242710bfe735059883033b680cb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-1832 Malicious code in bootstrap-sass-official (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ad2a7bd842611f44470a65604ac8bbe370ada242710bfe735059883033b680cb Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Cruddiy Command Injection Vulnerability
Cruddiy is a free no-code PHP bootstrap CRUD generator by Jan van den Berg, a personal developer. A security vulnerability exists in Cruddiy that stems from vulnerability to shell command injection attacks...