Lucene search
K

35 matches found

Cvelist
Cvelist
added 2026/04/05 8:45 p.m.20 views

CVE-2019-25656 R i386 3.5.0 Local Buffer Overflow SEH

R i386 3.5.0 contains a local buffer overflow vulnerability in the GUI Preferences dialog that allows local attackers to trigger a structured exception handler SEH overwrite by supplying malicious input. Attackers can craft a payload string in the 'Language for menus and messages' field to...

8.6CVSS0.00159EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/04 1:51 p.m.27 views

CVE-2018-25253 Termite 3.4 Denial of Service via Settings Buffer Overflow

Termite 3.4 contains a buffer overflow vulnerability in the User interface language settings field that allows local attackers to cause a denial of service by supplying an excessively long string. Attackers can paste a 2000-byte payload into the Settings User interface language field to crash the...

6.9CVSS0.0018EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-10644

Malicious code in bioql PyPI...

7.1CVSS7.7AI score0.00191EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/11 4:59 p.m.18 views

CVE-2025-31382

Cross-Site Request Forgery CSRF vulnerability in theode Language Field language-field allows Stored XSS.This issue affects Language Field: from n/a through = 0.9...

7.1CVSS7.2AI score0.00191EPSS
Exploits0References1
NVD
NVD
added 2025/04/09 5:15 p.m.19 views

CVE-2025-31382

Cross-Site Request Forgery CSRF vulnerability in theode Language Field language-field allows Stored XSS.This issue affects Language Field: from n/a through = 0.9...

7.1CVSS0.00191EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/04/09 4:10 p.m.4 views

CVE-2025-31382 WordPress Language Field plugin <= 0.9 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in theode Language Field allows Stored XSS. This issue affects Language Field: from n/a through 0.9...

7.1CVSS6.8AI score0.00191EPSS
Exploits0References1
CVE
CVE
added 2025/04/09 4:10 p.m.51 views

CVE-2025-31382

CVE-2025-31382 affects the Language Field plugin for WordPress. The issue is a Cross-Site Request Forgery (CSRF) vulnerability that can lead to Stored Cross-Site Scripting (XSS). The provided metrics show a CVSS v3.1 base score of 7.1 (HIGH) with network attack vector, low attack complexity, and ...

7.1CVSS7.2AI score0.00191EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/04/09 12:0 a.m.4 views

PT-2025-15740 · Unknown · Theode Language Field

Name of the Vulnerable Software and Affected Versions: theode Language Field versions n/a through 0.9 Description: A Cross-Site Request Forgery CSRF issue in theode Language Field allows for Stored XSS. Recommendations: For versions n/a through 0.9, consider disabling the Language Field...

7.1CVSS7.3AI score0.00191EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/04/09 12:0 a.m.2 views

WordPress plugin Language Field 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

7.1CVSS7.3AI score0.00191EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/10/20 12:0 a.m.4 views

Modoboa Cross-Site Scripting Vulnerability

modoboa is an email hosting and management platform for individual developers. A cross-site scripting vulnerability exists in versions prior to modoboa 2.2.2, which stems from a cross-site scripting vulnerability in the language field of the configuration file...

7.1CVSS6.1AI score0.00514EPSS
Exploits1References3
Huntr
Huntr
added 2023/06/23 11:44 a.m.13 views

DOM Cross Side Scripting

Description Hello team, Recently i found that, DOM XSS on profile language field there is a DOM XSS Proof of Concept Video poc: https://screencast-o-matic.com/watch/c01067VBWlV Step: 1. Login as simple user 2. Click on settings and select profile tab. 3. Click on change language as 'english' and...

4.9CVSS6.2AI score0.00514EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/02/15 3:27 a.m.4 views

SUSE CVE-2022-24710

Weblate is a copyleft software web-based continuous localization system. Versions prior to 4.11 do not properly neutralize user input used in user name and language fields. Due to this improper neutralization it is possible to perform cross-site scripting via these fields. The issues were fixed i...

5.4CVSS6.6AI score0.00741EPSS
Exploits0References3
CNVD
CNVD
added 2022/03/01 12:0 a.m.20 views

Weblate Cross-Site Scripting Vulnerability

A cross-site scripting vulnerability exists in Weblate, a Copyleft web-based free software continuous localization system, which stems from the failure of versions prior to 4.11 to properly neutralize user input used in the username and language fields. As a result of this improper neutralization...

5.4CVSS2AI score0.00741EPSS
Exploits0References1
PyPA
PyPA
added 2022/02/25 9:15 p.m.8 views

PYSEC-2022-35

Weblate is a copyleft software web-based continuous localization system. Versions prior to 4.11 do not properly neutralize user input used in user name and language fields. Due to this improper neutralization it is possible to perform cross-site scripting via these fields. The issues were fixed i...

5.4CVSS6.5AI score0.00741EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2022/02/25 12:0 a.m.2 views

Weblate 跨站脚本漏洞

A cross-site scripting vulnerability exists in Weblate, a Copyleft web-based free software continuous localization system, which stems from the failure of versions prior to 4.11 to properly neutralize user input used in the username and language fields. As a result of this improper neutralization...

5.4CVSS5.2AI score0.00741EPSS
Exploits0References6
Rows per page
Query Builder