EUVD-2023-35115

Malicious code in bioql PyPI...

CVE-2023-46192

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Internet Marketing Ninjas Internal Link Building plugin = 1.2.3 versions...

CVE-2023-40604

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Jes Madsen Cookies by JM plugin = 1.0 versions...

CVE-2023-25042

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Liam Gladdy Storm Consultancy oAuth Twitter Feed for Developers plugin = 2.3.0 versions...

CVE-2023-30477

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Essitco AFFILIATE Solution plugin = 1.0 versions...

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Catalyst Connect Catalyst Connect Zoho CRM Client Portal plugin = 2.0.0 versions...

CVE-2023-23829

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Pierre JEHAN Owl Carousel plugin = 0.5.3 versions...

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in RVOLA WP Original Media Path plugin = 2.4.0 versions...

CVE-2023-25716

Auth admin+ Stored Cross-Site Scripting XSS vulnerability in gqevu6bsiz Announce from the Dashboard plugin = 1.5.1 versions...

OLIMPOKS Cross-Site Scripting Vulnerability

OLIMPOKS is a mobile device application for vocational training from olimpoks Russia. The application offers provides the opportunity to conduct training in industrial safety certified areas approved by Rostekhnadzor, labor protection, labor protection, civil defense and emergency situations on...

CVE-2020-16270

OLIMPOKS under 3.3.39 allows Auth/Admin ErrorMessage XSS. Remote Attacker can use discovered vulnerability to inject malicious JavaScript payload to victim’s browsers in context of vulnerable applications. Executed code can be used to steal administrator’s cookies, influence HTML content of...

CVE-2019-17431

An issue was discovered in fastadmin 1.0.0.20190705beta. There is a public/index.php/admin/auth/admin/add CSRF vulnerability...

NetworkManager: Did not honour PolicyKit auth_admin action element by creation of Ad-Hoc wireless networks

GNOME NetworkManager before 0.8.6 does not properly enforce the authadmin element in PolicyKit, which allows local users to bypass intended wireless network sharing restrictions via unspecified vectors...

Online Password Manager 4.1 - Insecure Cookie Handling

Online Password Manager 4.1 - Insecure Cookie Handling Online Password Manager v4.1 Insecure Cookie Handling Vulnerability ---------------------------------------------------------- Discovered By: ZoRLu Date: 15.04.2009 Home: yildirimordulari.com / dafgamers.com / z0rlu.blogspot.com contact:...

Online Password Manager 4.1 - Insecure Cookie Handling

Online Password Manager v4.1 Insecure Cookie Handling Vulnerability ---------------------------------------------------------- Discovered By: ZoRLu Date: 15.04.2009 Home: yildirimordulari.com / dafgamers.com / z0rlu.blogspot.com contact: [email protected] N0T: Herkes Hecker Olmus :S yav siktir...

CVE-2001-1343

CVE-2001-1343 affects WebStore 400/400CS 4.14 via ws_mail.cgi. The vulnerability allows remote authenticated WebStore administrators to execute arbitrary code by supplying shell metacharacters in the kill parameter. The CVSS metrics indicate network access with low attack complexity and no authen...