EUVD-2005-3511

Malware in sbrugna...

EUVD-2021-11710

Malware in sbrugna...

SUSE CVE-2025-5641

A vulnerability was found in Radare2 5.9.9. It has been rated as problematic. This issue affects the function rconsisbreaked in the library /libr/cons/cons.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. It is possible to launch the attack on the local...

SUSE CVE-2025-5648

A vulnerability was found in Radare2 5.9.9. It has been classified as problematic. Affected is the function rconspalinit in the library /libr/cons/pal.c of the component radiff2. The manipulation of the argument -T leads to memory corruption. An attack has to be approached locally. The complexity...

Radare2 缓冲区错误漏洞

Radare2 is a Libre reverse framework open-sourced by Radare for Unix geeks. A buffer error vulnerability exists in Radare2 version 5.9.9, which stems from memory corruption due to incorrect manipulation of the parameter -T...

Radare2 缓冲区错误漏洞

Radare2 is a Libre reverse framework for Unix geeks open-sourced by Radare. A buffer error vulnerability exists in Radare2 version 5.9.9, which stems from the mishandling of the parameter -T by the function consstackload in the component radare2, which could lead to memory corruption...

Radare2 缓冲区错误漏洞

Radare2 is a Libre reverse framework open-sourced by Radare for Unix geeks. A buffer error vulnerability exists in Radare2 version 5.9.9, which stems from memory corruption due to incorrect manipulation of the parameter -T...

PT-2024-17579 · WordPress · Export Customers Data Plugin For Wordpress

Name of the Vulnerable Software and Affected Versions: Export Customers Data plugin for WordPress versions up to, and including, 1.2.3 Description: The issue is related to Reflected Cross-Site Scripting via the t parameter due to insufficient input sanitization and output escaping. This allows...

CVE-2022-1820

The Keep Backup Daily plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘t’ parameter in versions up to, and including, 2.0.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts...

PT-2022-14139 · WordPress · Keep Backup Daily

Name of the Vulnerable Software and Affected Versions: The Keep Backup Daily plugin for WordPress versions up to, and including, 2.0.2 Description: The issue is related to Reflected Cross-Site Scripting via the t parameter due to insufficient input sanitization and output escaping. This allows...

CVE-2021-24798

The WP Header Images WordPress plugin before 2.0.1 does not sanitise and escape the t parameter before outputting it back in the plugin's settings page, leading to a Reflected Cross-Site Scripting issue...

CVE-2021-41492

Multiple SQL Injection vulnerabilities exist in Sourcecodester Simple Cashiering System POS 1.0 via the 1 Product Code in the pos page in cashiering. 2 id parameter in manageproducts and the 3 t paramater in actions.php...

Border Loading Bar <= 1.0.1 - Reflected Cross-Site Scripting

The plugin is vulnerable to Reflected Cross-Site Scripting via the f and t parameter found in the /titan-framework/iframe-googlefont-preview.php file which allows attackers to inject arbitrary web scripts...

CVE-2020-24314

Fahad Mahmood RSS Feed Widget Plugin v2.7.9 and lower does not sanitize the value of the "t" GET parameter before echoing it back out inside an input tag. This results in a reflected XSS vulnerability that attackers can exploit with a specially crafted URL...

RSS Feed Widget < 2.8.1 - Authenticated Cross-Site Scripting (XSS)

The RSS Feed Widget WordPress plugin version 2.8.0 and below was vulnerable to Authenticated Cross-Site Scripting XSS within the "t" GET parameter. PoC http://www.example.com/wp-admin/admin.php?page=rfwoptions=1"...

CVE-2019-13489

Trape through 2019-05-08 has SQL injection via the data2 variable in core/db.py, as demonstrated by the /bs t parameter...

SQL injection vulnerability in gsjj.php page t parameter of Olekai website builder system

Olekai website builder is a website editing, designing and other website building system. There is a SQL injection vulnerability in the t parameter in the gsjj.php page of the Olekai website builder system, which can be exploited by an attacker to obtain sensitive information from the database...

Multiple Reflective Cross-Site Scripting Vulnerabilities in Treehole Outbound Linking System

Treehole external chain system is a free and open source PHP external chain network disk system, support for seven cattle, local, remote three kinds of storage methods, support for multi-user system. TreeHole Outbound Linking System '\content\common\vplayer.php' and '\views\error.php' files have...

CVE-2010-2723

CVE-2010-2723 describes a Cross-site scripting (XSS) vulnerability in LISTSERV 15 and 16 that allows remote attackers to inject arbitrary web script or HTML via the T parameter. Affected software is LISTSERV 15 and LISTSERV 16; the underlying issue is an input handling flaw enabling script inject...

Directory traversal

Directory traversal vulnerability in test/index.php in PHP-Sugar 0.80 allows remote attackers to read arbitrary files via a ..// dot dot slash slash in the t parameter...