22 matches found
CVE-2025-70792
Cross Site Scripting vulnerability in the "/admin/category/create" endpoint of Microweber 2.0.19. An attacker can manipulate the "relid" parameter in a crafted URL and lure a user with admin privileges into visiting it, achieving JavaScript code execution in the victim's browser. The issue was...
Microweber Security Vulnerability
Microweber is an open-source online store management system that provides drag-and-drop functionality. This system includes modules for adding products and images. Version 2.0.19 of Microweber has a security vulnerability. This vulnerability stems from the admin/order/abandoned endpoint having...
CVE-2025-13753
The WP Table Builder – Drag & Drop Table Builder plugin for WordPress is vulnerable to unauthorized modification of data due to an incorrect authorization check on the save_table function in all versions up to, and including, 2.0.19. This makes it possible for authenticated attackers, with...
CVE-2025-13753
CVE-2025-13753 refers to the WP Table Builder – Drag & Drop Table Builder plugin for WordPress. The issue is an incorrect authorization check on save_table(), enabling authenticated users with Subscriber+ privileges to create new wptb-table posts in versions up to and including 2.0.19. The Wordf...
PT-2026-1712
Name of the Vulnerable Software and Affected Versions: WP Table Builder – Drag & Drop Table Builder plugin for WordPress versions up to and including 2.0.19 Description: The WP Table Builder – Drag & Drop Table Builder plugin for WordPress has a flaw where data can be modified without proper...
CVE-2025-67932
CVE-2025-67932 – Listeo Core (Purethemes) vulnerable to Reflected XSS in Listeo Core: vulnerable <2.0.19. Attack requires user interaction and no privileges. CVSS v3.1: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L; base score 7.1 (HIGH). Patch: Listeo Core version 2.0.19 or newer releases address the i...
PT-2026-1907
Name of the Vulnerable Software and Affected Versions: purethemes Listeo Core versions prior to 2.0.19 Description: The software contains a flaw related to improper input handling during web page generation, specifically a Reflected Cross-site Scripting (XSS) issue. This allows for the injection of...
Microweber Security Vulnerability
Microweber is an open source online store management system that provides drag and drop functionality. The system includes modules for adding products, images, and more. A security vulnerability exists in Microweber version 2.0.19, which stems from the incorrect operation of the parameter...
Fedora: Security Advisory (FEDORA-2024-e36b567b66)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
WordPress PropertyHive plugin <= 2.0.19 - Cross-Site Request Forgery via save_account_details vulnerability
Cross-Site Request Forgery via save_account_details vulnerability discovered by wesley wcraft in WordPress Plugin PropertyHive versions <= 2.0.19...
WordPress plugin PropertyHive Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin ... A cross-site...
WordPress Blocksy Theme <= 2.0.19 is vulnerable to Cross Site Scripting (XSS)
Software: Blocksy; Type: Theme; Vulnerable versions: <= 2.0.19; Fixed in: 2.0.20; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-24871; Patch priority: Low; CVSS severity: Low (6.5); Developer: Creative Themes; PSID: 07c604dd56fb; Credits: savphill; Required privilege: Editor; Published ...
SUSE-SU-2020:0779-1 Security update for keepalived
This update for keepalived fixes the following issues: Initial release of keepalived v2.0.19 as supported package. (bsc#1158280, jsc#ECO-223)...
phpBB <= 2.0.19 XSS Remote Cookie Disclosure Exploit
No description provided by source. to be used with cookie stealer located here: http://www.milw0rm.com/id.php?id=1103 Make sure you change www.milw0rm.com to your domain. thnx. /str0ke Author: threesixthousan / As long as html is ON in the latest version of phpBB forums, several XSS attack vector...
aiContactSafe 2.0.19
xss 160413 developer release statement for version 2.0.21 Authors:...
Fedora 16 : php-symfony2-HttpFoundation-2.0.19-1.fc16 (2012-19455)
Updated to version 2.0.19 Changelog: https://github.com/symfony/symfony/blob/v2.0.19/CHANGELOG-2.0.md Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...
PT-2007-3062 · Phpbb · Phpbb
Name of the Vulnerable Software and Affected Versions: phpBB version 2.0.19 Description: A remote file inclusion issue in the includes/usercp_register.php file allows remote attackers to execute arbitrary PHP code via a URL in the phpbb_root_path parameter. However, it has been noted that this...
phpBB 2.0.19 - 'user_sig_bbcode_uid' Remote Code Execution
!/usr/bin/perl r57phpbba2e2.pl - phpBB admin 2 exec exploit version 2 based on usersigbbcodeuid bug tested on 2.0.12 , 2.0.13 , 2.0.19 -------------------------------------------- screen r57phpbba2e2.pl -u http://192.168.0.2/phpBB-2.0.19/ -L admin -P password Command for execute or 'exit' for exi...