2672 matches found
PT-2022-18643 · Unknown · Alexander Ustimenko'S Psychological Tests & Quizzes Plugin
Name of the Vulnerable Software and Affected Versions: Alexander Ustimenko's Psychological tests & quizzes plugin versions = 0.21.19 Description: The issue is a Stored Cross-Site Scripting XSS vulnerability. It affects users with a contributor or higher role. The vulnerability can be exploited vi...
WordPress Call Now Button plugin <= 1.1.1 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by 7coo and JrXnm in WordPress Call Now Button plugin versions = 1.1.1. Solution Update the WordPress Call Now Button plugin to the latest available version at least 1.1.2...
Call Now Button < 1.1.2 - Reflected Cross-Site Scripting
The plugin does not escape a parameter before outputting it back in an attribute of a hidden input, leading to a Reflected Cross-Site Scripting when the premium is enabled With premium enabled: http://example.com/wp-admin/admin.php?page=call-now-button&bid=xxxxx" accesskey=X onclick=alert/XSS/...
Fuel CMS 1.5.0 - Cross-Site Request Forgery Vulnerability
Exploit Title: Fuel CMS 1.5.0 - Cross-Site Request Forgery CSRF Google Dork: NA Exploit Author: Ali J Vendor Homepage: https://www.getfuelcms.com/ Software Link: https://github.com/daylightstudio/FUEL-CMS/releases/tag/1.5.0 Version: 1.5.0 Tested on: Windows 10 Steps to Reproduce: 1. Login with us...
admin-tool-button (>=1.0.1a0 <=1.0.5a0), aimmo (>=2.0.0 <=2.0.1) +71 more potentially affected by CVE-2022-28347 via django (>=3.2.0 <=3.2.12)
django PYPI version =3.2.0, =1.0.1a0, =2.0.0, =0.2.0, =22.0.0.dev21, =22.0.0.dev13, =22.0.0.dev29, =6.0.0, =6.0.0, =6.4.1 - coldfront =1.1.0 - common-framework =2021.4.1 - directory-validators =9.0.0 and more Source cves: CVE-2022-28347 Source advisory: OSV:GHSA-W24H-V9QH-8GXJ...
admin-tool-button (>=1.0.1a0 <=1.0.5a0), aimmo (>=2.0.0 <=2.0.1) +71 more potentially affected by CVE-2022-28347 via django (>=3.2.0 <=3.2.12)
django PYPI version =3.2.0, =1.0.1a0, =2.0.0, =0.2.0, =22.0.0.dev21, =22.0.0.dev13, =22.0.0.dev29, =6.0.0, =6.0.0, =6.4.1 - coldfront =1.1.0 - common-framework =2021.4.1 - directory-validators =9.0.0 and more Source cves: CVE-2022-28347 Source advisory: OSV:PYSEC-2022-191...
Unbreakable Enterprise kernel security update
5.4.17-2136.306.1.3 - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address Paolo Bonzini Orabug: 34053807 CVE-2022-1158 5.4.17-2136.306.1.2 - Revert 'rds/ib: recover rds connection from stuck rx path' Rohit Nair Orabug: 34045203 5.4.17-2136.306.1.1 - netfilter: nftables: initialize...
After upgrading CWA Chrome to version 2203, when USB device is added to session the device is not available in the session. Message " device is already in use in other session"
After upgrading to latest CWA for Chrome the end users are not able to connect to USB devices. The message the user sees when trying to manually add the device is that the device is already in use and the transfer button is greyed out...
CVE-2015-10002
A vulnerability classified as problematic has been found in Kiddoware Kids Place. This affects the Home Button Protection. A repeated pressing of the button causes a local denial of service. It is recommended to upgrade the affected component...
Design/Logic Flaw
A vulnerability classified as problematic has been found in Kiddoware Kids Place. This affects the Home Button Protection. A repeated pressing of the button causes a local denial of service. It is recommended to upgrade the affected component...
CVE-2015-10002 Kiddoware Kids Place Home Button Protection denial of service
A vulnerability classified as problematic has been found in Kiddoware Kids Place. This affects the Home Button Protection. A repeated pressing of the button causes a local denial of service. It is recommended to upgrade the affected component...
CVE-2015-10002
CVE-2015-10002 affects Kiddoware Kids Place, specifically the Home Button Protection feature. According to the consolidated sources, a vulnerability arises from repeated pressing of the Home Button Protection, leading to a local denial of service. The issue is documented across multiple feeds (NV...
CVE-2015-10002 Kiddoware Kids Place Home Button Protection denial of service
A vulnerability classified as problematic has been found in Kiddoware Kids Place. This affects the Home Button Protection. A repeated pressing of the button causes a local denial of service. It is recommended to upgrade the affected component...
Kiddoware Kids Place 安全漏洞
Kiddoware Kids Place is an application with parental monitoring and child lock features from Kiddoware USA. A security vulnerability exists in the Kiddoware Kids Place Home Button Protection component, which stems from Repeated button presses in Home Button Protection can result in a denial of...
Unbreakable Enterprise kernel-container security update
5.4.17-2136.305.5.3 - bpf: fix out-of-tree module build Alan Maguire Orabug: 33973548 - ACPICA: Enable sleep button on ACPI legacy wake Anchal Agarwal Orabug: 33973543 - Revert 'btrfs: inode: refactor the parameters of insertreservedfileextent' Srikanth C S Orabug: 33973491 - Revert 'btrfs: fix...
CVE-2022-26555
A stored cross-site scripting XSS vulnerability in the Add a Button function of Eova v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the button name text box...
CVE-2022-26555
A stored cross-site scripting XSS vulnerability in the Add a Button function of Eova v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the button name text box...
Cross site scripting
A stored cross-site scripting XSS vulnerability in the Add a Button function of Eova v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the button name text box...
CVE-2022-26555
A stored cross-site scripting XSS vulnerability in the Add a Button function of Eova v1.6.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the button name text box...
Eova 跨站脚本漏洞
Eova is a rapid development platform for the Eova community in China. A security vulnerability exists in Eova v1.6.0 that allows attackers to execute arbitrary web script or HTML via a specially crafted attack payload injected into the button name text box...