CVE-2025-14149

The Xpro Addons — 140+ Widgets for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Scroller widget box link attribute in all versions up to, and including, 1.4.24 due to insufficient input sanitization and output escaping on user supplied...

MK-AUTH Cross-Site Request Forgery Vulnerability

MK-AUTH is an access control system developed by Pedro Filho, an individual developer in Brazil. A cross-site request forgery vulnerability exists in MK-AUTH through version 19.01 K4.9, which allows passwords to be changed via the central executor central.php. No details of the vulnerability are...

MK-AUTH cross-site scripting vulnerability (CNVD-2021-17430)

MK-AUTH is an access control system from the Brazilian software developer Pedro Filho. A cross-site scripting vulnerability exists in the admin and client scripts in MK-AUTH version 19.01, which can be exploited by an attacker to execute arbitrary JavaScript code...

CVE-2018-15326

In some situations on BIG-IP APM 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.2, the CRLDP Auth access policy agent may treat revoked certificates as valid when the BIG-IP APM system fails to download a new Certificate Revocation List...

Could not sign CSR Caused by: java.io.IOException: Cannot obtain certificate from certsrv authority: 403 Forbidden (ZDM-certsrv/1.0 - 403 16)

XenMobile Client Certificate request responded with a HTTP Response 403 16 Forbidden by the issuing server IIS Log : 2016-10-11 14:42:18 10.1.1.51 POST /certsrv/certfnsh.asp - 443 - 192.168.100.100 ZDM-certsrv/1.0 - 403 16 2148204809 31...