2840 matches found
CVE-2026-3996 WP Games Embed <= 0.1beta - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
The WP Games Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the game shortcode in all versions up to and including 0.1beta. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as 'width', 'height', 'src',...
CVE-2026-3996 WP Games Embed <= 0.1beta - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes
The WP Games Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the game shortcode in all versions up to and including 0.1beta. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as 'width', 'height', 'src',...
PT-2026-26866
The WP Games Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the game shortcode in all versions up to and including 0.1beta. This is due to insufficient input sanitization and output escaping on user-supplied shortcode attributes such as 'width', 'height', 'src',...
EUVD-2026-13622
exactyl is a customisable game management panel and billing system. Commits after 025e8dbb0daaa04054276bda814d922cf4af58da and before e28edb204e80efab628d1241198ea4f079779cfd inject server-side objects into client-side JavaScript through resources/views/templates/wrapper.blade.php. Using unescape...
EUVD-2025-208755
Doom Launcher 3.8.1.0 is vulnerable to Directory Traversal due to missing file path validation during the extraction of game files...
CVE-2025-66687
Doom Launcher 3.8.1.0 is vulnerable to Directory Traversal due to missing file path validation during the extraction of game files...
CVE-2025-66687
Doom Launcher 3.8.1.0 is vulnerable to a Directory Traversal flaw caused by missing file path validation during extraction of game files. The issue is described across multiple sources (RH, NVD, EUVD, CVE listings) with a CVSSv3.1 base score of 7.5 (High) and an attack vector of Network, requirin...
CVE-2025-66687
Doom Launcher 3.8.1.0 is vulnerable to Directory Traversal due to missing file path validation during the extraction of game files...
[SECURITY] Fedora 43 Update: easyrpg-player-0.8.1.1-4.fc43
EasyRPG Player is a game interpreter for RPG Maker 2000/2003 and EasyRPG game s. To play a game, run the "easyrpg-player" executable inside a RPG Maker 2000/2003 game project folder same place as RPGRT.exe...
[SECURITY] Fedora 42 Update: easyrpg-player-0.8.1.1-2.fc42
EasyRPG Player is a game interpreter for RPG Maker 2000/2003 and EasyRPG game s. To play a game, run the "easyrpg-player" executable inside a RPG Maker 2000/2003 game project folder same place as RPGRT.exe...
[SECURITY] Fedora 44 Update: easyrpg-player-0.8.1.1-5.fc44
EasyRPG Player is a game interpreter for RPG Maker 2000/2003 and EasyRPG game s. To play a game, run the "easyrpg-player" executable inside a RPG Maker 2000/2003 game project folder same place as RPGRT.exe...
EUVD-2026-11532
A security flaw has been discovered in Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. This affects an unknown part of the file save-games.php. The manipulation of the argument gamename results in cross site scripting. The attack may be performed from remote. The exploit...
EUVD-2026-11533
A weakness has been identified in Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. This vulnerability affects unknown code of the file saveupathlete.php. This manipulation of the argument aname causes cross site scripting. It is possible to initiate the attack remotely. Th...
CVE-2026-3983
A security flaw has been discovered in Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. This affects an unknown part of the file save-games.php. The manipulation of the argument gamename results in cross site scripting. The attack may be performed from remote. The exploit...
CVE-2026-3983 Campcodes Division Regional Athletic Meet Game Result Matrix System save-games.php cross site scripting
A security flaw has been discovered in Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. This affects an unknown part of the file save-games.php. The manipulation of the argument gamename results in cross site scripting. The attack may be performed from remote. The exploit...
CVE-2026-3983 Campcodes Division Regional Athletic Meet Game Result Matrix System save-games.php cross site scripting
A security flaw has been discovered in Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. This affects an unknown part of the file save-games.php. The manipulation of the argument gamename results in cross site scripting. The attack may be performed from remote. The exploit...
CVE-2026-3983
CVE-2026-3983 affects Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. The issue resides in an unknown part of save-games.php where manipulation of the game_name argument triggers cross-site scripting. The vulnerability is exploitable remotely and, per the description, the...
PT-2026-24922
A security flaw has been discovered in Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. This affects an unknown part of the file save-games.php. The manipulation of the argument game name results in cross site scripting. The attack may be performed from remote. The exploit...
CampCodes Division Regional Athletic Meet Game 代码注入漏洞
CampCodes Division Regional Athletic Meet Game is a sports competition system developed by the Philippines-based company CampCodes. Version 2.1 of CampCodes Division Regional Athletic Meet Game has a code injection vulnerability. This vulnerability stems from incorrect handling of the gamename...
PT-2026-24923
A weakness has been identified in Campcodes Division Regional Athletic Meet Game Result Matrix System 2.1. This vulnerability affects unknown code of the file save up athlete.php. This manipulation of the argument a name causes cross site scripting. It is possible to initiate the attack remotely...