2673 matches found
CVE-2023-6816
A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leadin...
CVE-2023-6816 Xorg-x11-server: heap buffer overflow in devicefocusevent and procxiquerypointer
A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leadin...
SUSE CVE-2023-6816
A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leadin...
X.org Server Buffer Error Vulnerability
X.org Server is an open source free software from the X.org Foundation. A security vulnerability exists in versions of X.org Server prior to 21.1.11 that stems from allocating space for only a specific number of buttons for a device, which could result in a heap overflow if a larger value is used...
UBUNTU-CVE-2023-6816
A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leadin...
CVE-2024-23174
An issue was discovered in the PageTriage extension in MediaWiki before 1.35.14, 1.36.x through 1.39.x before 1.39.6, and 1.40.x before 1.40.2. XSS can occur via the rev-deleted-user, pagetriage-tags-quickfilter-label, pagetriage-triage, pagetriage-filter-date-range-format-placeholder,...
WordPress Button Plugin MaxButtons < 9.7.6 - Authenticated (Administrator+) Stored Cross-Site Scripting
Description The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 9.7.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2023-6594
CVE-2023-6594 affects WordPress MaxButtons: Stored XSS via admin settings in all versions up to 9.7.4. Exploitation requires administrator-level privileges (or higher) and contexts where unfiltered_html is disabled, with multi-site installations affected. Root cause: insufficient input sanitizati...
WordPress Plugin WordPress Button Plugin MaxButtons Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. WordPress Plugin WordPress Button Plugin...
iGalerie 3.0.22 Cross Site Scripting Vulnerability
Exploit Title: iGalerie Version: 3.0.22 - Reflected XSS Exploit Author: tmrswrr Vendor Homepage: https://www.igalerie.org/ Version: 3.0.22 Tested on: https://softaculous.com/demos/iGalerie 1 Go to home page and click edit https://127.0.0.1/iGalerie/ Titre : "sVg/onLy=1 onLoaD=confirm1// 2 Write i...
iGalerie 3.0.22 Cross Site Scripting
Exploit Title: iGalerie Version: 3.0.22 - Reflected XSS Date: 2024-7-1 Exploit Author: tmrswrr Vendor Homepage: https://www.igalerie.org/ Version: 3.0.22 Tested on: https://softaculous.com/demos/iGalerie 1 Go to home page and click edit https://127.0.0.1/iGalerie/ Titre : "sVg/onLy=1...
CVE-2023-52149
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Floating Button. This issue affects Floating Button: from n/a through 6.0...
Cross site request forgery (csrf)
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Floating Button. This issue affects Floating Button: from n/a through 6.0...
CVE-2023-52149 WordPress Floating Button Plugin <= 6.0 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Floating Button. This issue affects Floating Button: from n/a through 6.0...
CVE-2023-52149
CVE-2023-52149 is a CSRF in the Floating Button plugin (Wow-Company) affecting versions up to 6.0. Exploitation relies on CSRF via the plugin’s process_bulk_action, enabling unauthorized actions on affected sites. Patch/mitigation: upgrade to 6.0 or apply the vendor patch as indicated in the vuln...