137 matches found
EUVD-2012-1036
Malware in sbrugna...
EUVD-2012-1035
Malware in sbrugna...
EUVD-2021-34684
Malicious code in bioql PyPI...
EUVD-2022-42630
Malicious code in bioql PyPI...
CVE-2021-4459
An authorized remote attacker can access files and directories outside the intended web root, potentially exposing sensitive system information of the affected Sunny Boy devices...
CVE-2021-4459
An authorized remote attacker can access files and directories outside the intended web root, potentially exposing sensitive system information of the affected Sunny Boy devices...
CVE-2021-4459 SMA: Directory Traversal in Sunny Boy <3.10.27.R
An authorized remote attacker can access files and directories outside the intended web root, potentially exposing sensitive system information of the affected Sunny Boy devices...
CVE-2021-4459
CVE-2021-4459 is a directory traversal vulnerability in SMA Sunny Boy inverters. The issue allows an authenticated remote attacker to access files/directories outside the web root, potentially exposing sensitive system information on affected Sunny Boy devices. The CVE is described with the title...
SMA Solar Technology AG Sunny Boy 安全漏洞
SMA Solar Technology AG Sunny Boy is a photovoltaic inverter from SMA Solar Technology AG, Germany. A security vulnerability exists in the SMA Solar Technology AG Sunny Boy that stems from improper access control and could lead to the disclosure of sensitive system information...
PT-2025-34841 · Sma Solar Technology · Sunny Boy
Name of the Vulnerable Software and Affected Versions: Sunny Boy affected versions not specified Description: An authorized remote attacker can access files and directories outside the intended web root, potentially exposing sensitive system information of the affected devices. Recommendations: A...
CVE-2024-9116
The Monkee-Boy Essentials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and...
CVE-2022-3216
A vulnerability has been found in Nintendo Game Boy Color and classified as problematic. This vulnerability affects unknown code of the component Mobile Adapter GB. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and...
CVE-2012-10013
A vulnerability was found in Kau-Boy Backend Localization Plugin up to 1.6.1 on WordPress. It has been rated as problematic. This issue affects some unknown processing of the file backendlocalization.php. The manipulation leads to cross site scripting. The attack may be initiated remotely...
CVE-2012-10014
A vulnerability classified as problematic has been found in Kau-Boy Backend Localization Plugin 2.0 on WordPress. Affected is the function backendlocalizationadminsettings/backendlocalizationsavesetting/backendlocalizationloginform/localizebackend of the file backendlocalization.php. The...
CVE-2024-9116
The Monkee-Boy Essentials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and...
CVE-2024-9116 Monkee-Boy Essentials <= 1.1 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
The Monkee-Boy Essentials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and...
CVE-2024-9116
CVE-2024-9116 concerns the Monkee-Boy Essentials WordPress plugin. The connected sources confirm a stored XSS via SVG file uploads in all versions up to 1.1, caused by insufficient input sanitization and output escaping. The vulnerability requires authenticated access at Author level or higher, e...
CVE-2024-9116 Monkee-Boy Essentials <= 1.1 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
The Monkee-Boy Essentials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and...
WordPress plugin Monkee-Boy Essentials 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Monkee-Boy Essentials plugin <= 1.1 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability
Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by Francesco Carlucci in WordPress Plugin Monkee-Boy Essentials versions = 1.1...