5 matches found
SUSE CVE-2025-8916
Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All API modules, Legion of the Bouncy Castle Inc. BC Java bcprov on All API modules, Legion of the Bouncy Castle Inc. BCPKIX FIPS bcpkix-fips on All API modules allows Excessiv...
PT-2025-7008 · Easybe · Easy Bet
Name of the Vulnerable Software and Affected Versions: Easy Bet versions 1.0.0 through 1.0.7 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Reflected XSS. Recommendations: For versions 1.0.0 throug...
PT-2024-32652 · Google · Google Cse Plugin For Wordpress
Name of the Vulnerable Software and Affected Versions: Google CSE WordPress plugin versions 1.0.0 through 1.0.7 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for example i...
TYPO3 跨站脚本漏洞
TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Association. A cross-site scripting vulnerability exists in TYPO3 HTML sanitizer versions 1.0.0 to 1.0.7 and 2.0.0 to 2.1.0, which stems from a parsing issue in the upstream package masterminds/html5...
PT-2022-13941 · WordPress · Postmagthemes Demo Import
Name of the Vulnerable Software and Affected Versions: PostmagThemes Demo Import WordPress plugin versions 1.0.0 through 1.0.7 Description: The issue allows high-privilege users, such as admins, to upload arbitrary files, including PHP files, due to a lack of validation of the imported file. This...