Security update for zk (moderate)

openSUSE Security Update: Security update for zk Announcement ID: openSUSE-SU-2026:0017-1 Rating: moderate References: Cross-References: CVE-2025-58181 CVSS scores: CVE-2025-58181 SUSE: 6.9 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N Affected Products: openSUSE Backports...

EUVD-2021-21282

Malware in sbrugna...

CVE-2021-39413

Multiple Cross Site Scripting XSS vulnerabilities exits in SEO Panel v4.8.0 via the 1 totime parameter in a backlinks.php, b analytics.php, c log.php, d overview.php, e pagespeed.php, f rank.php, g review.php, h saturationchecker.php, i socialmedia.php, and j reports.php; the 2 fromtime parameter...

backlinks.vn Cross Site Scripting vulnerability OBB-3256432

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Cross site scripting

Multiple Cross Site Scripting XSS vulnerabilities exits in SEO Panel v4.8.0 via the 1 totime parameter in a backlinks.php, b analytics.php, c log.php, d overview.php, e pagespeed.php, f rank.php, g review.php, h saturationchecker.php, i socialmedia.php, and j reports.php; the 2 fromtime parameter...

PT-2021-22582 · Seo Panel · Seo Panel

Name of the Vulnerable Software and Affected Versions: SEO Panel version 4.8.0 Description: Multiple Cross Site Scripting XSS vulnerabilities exist in SEO Panel via several parameters in various PHP files. The affected parameters include to time in files such as backlinks.php, analytics.php, and...

DEBIAN-CVE-2021-41799

MediaWiki before 1.36.2 allows a denial of service resource consumption because of lengthy query processing time. ApiQueryBacklinks action=query&list=backlinks can cause a full table scan...

Code injection

MediaWiki before 1.36.2 allows a denial of service resource consumption because of lengthy query processing time. ApiQueryBacklinks action=query&list=backlinks can cause a full table scan...

UBUNTU-CVE-2021-41799

MediaWiki before 1.36.2 allows a denial of service resource consumption because of lengthy query processing time. ApiQueryBacklinks action=query&list=backlinks can cause a full table scan...

PT-2021-23412 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.36.2 Description: The issue allows for a denial of service due to resource consumption caused by lengthy query processing time. This can be triggered through the ApiQueryBacklinks endpoint, specifically with the...

CVE-2021-34632

The SEO Backlinks WordPress plugin is vulnerable to Cross-Site Request Forgery via the locconfig function found in the /seo-backlinks.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 4.0.1...

Cross site request forgery (csrf)

The SEO Backlinks WordPress plugin is vulnerable to Cross-Site Request Forgery via the locconfig function found in the /seo-backlinks.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 4.0.1...

CVE-2021-34632 SEO Backlinks <= 4.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The SEO Backlinks WordPress plugin is vulnerable to Cross-Site Request Forgery via the locconfig function found in the /seo-backlinks.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 4.0.1...

CVE-2021-34632

The CVE-2021-34632 entry corresponds to a CSRF vulnerability in the WordPress SEO Backlinks plugin (versions

SEO Backlinks <= 4.0.1 - CSRF to Stored XSS

The SEO Backlinks WordPress plugin is vulnerable to Cross-Site Request Forgery via the locconfig function found in the /seo-backlinks.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 4.0.1. CSRF PoC alert1" / alert1" / function csrfSubmit let submit...

WordPress SEO Backlinks plugin <= 4.0.1 – Cross-Site Request Forgery (CSRF) vulnerability leading to Stored Cross-Site Scripting (XSS)

Cross-Site Request Forgery CSRF vulnerability leading to Stored Cross-Site Scripting XSS discovered by Takahiro Yamashita Cryptography Laboratory - Tokyo Denki University in WordPress SEO Backlinks plugin versions = 4.0.1. Solution This plugin has been closed as of July 23, 2021 and is not...

Google Maps by Reumer, 3.5, Malicious update

Google Maps by Reumer, from mapsplugin.com, version 3.5, malicious update Version 3.3 of this plugin is listed in the JED and appears to be clean. However once installed, the Joomla update manager prompts you to update this extension to a version 3.5 which is not officially published. This versio...