WordPress Plugin WP Discourse Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in the WordPress plugin WP Discourse, which stem...

WordPress Plugin IDonatePro Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in WordPress plugin IDonatePro, which stems from...

The vulnerability of the dynamic_analysis.html component in the Mobile Security Framework (MobSF), a security research framework for mobile applications, allows an attacker to execute cross-site scripting attacks.

The vulnerability of the dynamicanalysis.htm component in the Mobile Security Framework MobSF for mobile application security research is related to the lack of protective measures for the web page structure. Exploiting this vulnerability allows a remote attacker to execute cross-site scripting...

The vulnerability in the embedded web server of the microprogramming software for Rockwell Automation’s Micrologix 1100 and 1400 allows a perpetrator to carry out cross-site scripting attacks.

The vulnerability of the embedded web server software used in Rockwell Automation’s Micrologix 1100 and 1400 programmable logic controllers is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a remote attacker to perform cross-site scripti...

User Profiles: the Achilles' Heel of Web Browsers

Web browsers provide the security foundation for our online experiences. Significant research has been done into the security of browsers themselves, but relatively little investigation has been done into how they interact with the operating system or the file system. In this work, we provide the...

The vulnerability in the web-based interface for managing software for network deployment and security management in HPE Aruba Networking Fabric Composer allows attackers to execute cross-site scripting attacks.

The vulnerability in the web-based interface for managing software for network deployment and security management in HPE Aruba Networking Fabric Composer is related to the lack of protective measures for the web page structure. Exploiting this vulnerability could allow a malicious actor to carry...

The vulnerability of the web interfaces of IBM OpenPages and IBM OpenPages with Watson allows attackers to perform cross-site scripting attacks and gain unauthorized access to protected information.

The vulnerability of the web interface of IBM OpenPages and IBM OpenPages with Watson relates to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks and gain unauthorized access to protected...

PT-2025-1613

Name of the Vulnerable Software and Affected Versions Arm Cortex-A72 versions prior to r1p0 Arm Cortex-A73 affected versions not specified Arm Cortex-A75 affected versions not specified Description The issue may allow an adversary to gain a weak form of control over the victim's branch history...

The vulnerability of the web interface of the IBM Sterling B2B Integrator software allows a perpetrator to execute arbitrary code and gain unauthorized access to protected information.

The vulnerability of the web interface of the IBM Sterling B2B Integrator software solution relates to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely and gain unauthorized access to protected...

PT-2025-1200 · Moxa · Edr-G9010 +9

Name of the Vulnerable Software and Affected Versions: Moxa EDR-810 versions prior to the fixed version Moxa EDR-8010 versions prior to the fixed version Moxa EDR-G902 versions prior to the fixed version Moxa EDR-G903 versions prior to the fixed version Moxa EDR-G9004 versions prior to the fixed...

The vulnerability of the /usr/ucb/ps component of the Solaris operating system, which allows a hacker to access confidential information

The vulnerability of the /usr/ucb/ps component of the Solaris operating system is related to insufficient protection for service data. Exploiting this vulnerability can allow an attacker to access confidential information...

The vulnerability in the web interface of the SOLDR threat detection and analysis system allows attackers to perform cross-site scripting attacks (XSS).

The vulnerability of the SOLDR threat detection and analysis web interface exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks XSS by injecting malicious JavaScript code...

The vulnerability in the web interface of the Cisco Secure Firewall Management Center software (formerly known as Cisco Firepower Management Center) allows a attacker to carry out XSS attacks.

The vulnerability in the web interface of the Cisco Secure Firewall Management Center formerly known as Cisco Firepower Management Center exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS...

The vulnerability of the Device Dependencies function in the LibreNMS network monitoring system allows attackers to perform cross-site scripting attacks.

The vulnerability of the Device Dependencies function in the LibreNMS network monitoring system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

The vulnerability in the web interface of Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition (SME) allows a attacker to execute XSS attacks.

The vulnerability in the web interface for Cisco Unified Communications Manager and Cisco Unified Communications Manager Session Management Edition exists due to the lack of security measures taken to protect the web page structure. Exploiting this vulnerability allows a malicious actor to carry...

The vulnerability in the Splunk Web interface of the Splunk Enterprise operating analysis platform allows a perpetrator to carry out cross-site scripting attacks.

The vulnerability of the Splunk Web interface of the Splunk Enterprise operating analysis platform is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability could allow a malicious actor to perform cross-site scripting attacks remotely...

The vulnerability in the web interface of the Cisco AsyncOS operating system allows for XSS attacks by attackers, enabling them to carry out cross-site scripting attacks.

The vulnerability in the Cisco AsyncOS operating system’s web interface exists due to the lack of security measures taken to protect the structure of the web pages. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

The vulnerability of the Thumbnails component in the Redmine web application for managing projects and tasks allows a hacker to perform cross-site scripting attacks.

The vulnerability of the Thumbnails component in the Redmine web application for managing projects and tasks exists due to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

The vulnerability of the build configuration of the CI/CD application delivery system JetBrains TeamCity allows a hacker to perform cross-site scripting attacks.

The vulnerability of the build configuration of the CI/CD application deployment system JetBrains TeamCity is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

The vulnerability of the URL Handler component in SAP Companion software for interactive user training allows a attacker to carry out XSS attacks.

The vulnerability of the URL Handler component in SAP Companion’s interactive user training software exists due to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...