93 matches found
PT-2026-49413
Unauthenticated Arbitrary File Deletion in Contact Form Extender for Divi Save Entries, File Upload & Country Code Field = 1.0.6 versions...
CVE-2026-8143 Booking Calendar – Event Calendar <= 2.1.6 - Unauthenticated Stored Cross-Site Scripting via Multiple Parameters
The HBook plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'hbcountryiso', 'hbusastateiso', and 'hbcanadaprovinceiso' parameters in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2018-25377
Flash Slideshow Maker Professional 5.20 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious payload and paste it into the Name and Code fields of the...
CVE-2018-25285 Fathom 2.4 Denial of Service via Authorization Code Buffer Overflow
Fathom 2.4 contains a buffer overflow vulnerability in the Authorization Code field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 6000-byte payload into the Authorization Code field and click Activate to trigger a denial of...
EUVD-2018-21805
Fathom 2.4 contains a buffer overflow vulnerability in the Authorization Code field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 6000-byte payload into the Authorization Code field and click Activate to trigger a denial of...
CVE-2018-25285
Fathom 2.4 contains a buffer overflow vulnerability in the Authorization Code field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 6000-byte payload into the Authorization Code field and click Activate to trigger a denial of...
PT-2026-35255
Fathom 2.4 contains a buffer overflow vulnerability in the Authorization Code field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 6000-byte payload into the Authorization Code field and click Activate to trigger a denial of...
WordPress Contact Form Extender for Divi – Save Entries, File Upload & Country Code Field plugin <= 1.0.6 - Arbitrary File Deletion vulnerability
Arbitrary File Deletion vulnerability discovered by babyhack@OPCIA in WordPress Plugin Contact Form Extender for Divi Save Entries, File Upload & Country Code Field versions = 1.0.6...
CVE-2019-25689
HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized key code string. Attackers can craft a malicious payload exceeding 997 bytes and paste it into the KEY CODE field in the Help Register dialog to trigge...
CVE-2019-25689
CVE-2019-25689 affects HTML5 Video Player version 1.2.5. The vulnerability is a local buffer overflow triggered by an oversized key code string entered into the KEY CODE field in the Help Register dialog, enabling arbitrary code execution and allowing an attacker to spawn a calculator process. Do...
HTML5 Video Player 缓冲区错误漏洞
Html5Videoplayer is a web video playback component implemented using HTML5 technology by Html5Videoplayer Inc. Version 1.2.5 of HTML5 Video Player contains a buffer overflow vulnerability, which stems from insufficient input validation of the KEYCODE field. This vulnerability could lead to a loca...
EUVD-2019-20037
River Past Audio Converter 7.7.16 contains a local buffer overflow vulnerability in the activation code field that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a large payload of repeated characters into the 'E-Mail and Activation Cod...
CVE-2019-25475
SQL Server Password Changer 1.90 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload. Attackers can inject 6000 bytes of data into the User Name and Registration Code field to trigger a denial of service condition...
CVE-2019-25477
RAR Password Recovery 1.80 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized payload in the registration dialog. Attackers can craft a malicious input string exceeding 6000 bytes and paste it into the User Name and Registration...
CVE-2019-25484
WinMPG iPod Convert 3.0 contains a buffer overflow vulnerability in the Register dialog that allows local attackers to crash the application by supplying an oversized payload. Attackers can paste a large string of characters into the User Name and User Code field to trigger a denial of service...
CVE-2019-25649
CVE-2019-25649 affects River Past Audio Converter 7.7.16. A local buffer overflow in the activation code field (E‑Mail and Activation Code) allows a local attacker to crash the application by supplying an oversized input string, triggering a denial of service. The provided documents do not includ...
PassFab Excel Password Recovery 缓冲区错误漏洞
PassFab Excel Password Recovery is a Excel file password recovery tool developed by PassFab Corporation. The version Excel Password Recovery Professional 8.2.0.0 contains a buffer error vulnerability. This vulnerability stems from a buffer overflow in the E-Mail and Registrations Code field, whic...
EUVD-2019-19878
Magic Iso Maker 5.5 build 281 contains a buffer overflow vulnerability in the Serial Code registration field that allows local attackers to crash the application by submitting an oversized input. Attackers can generate a file containing 5000 bytes of data, paste it into the Serial Code field duri...
CVE-2019-25565 Magic Iso Maker 5.5 Buffer Overflow Denial of Service
Magic Iso Maker 5.5 build 281 contains a buffer overflow vulnerability in the Serial Code registration field that allows local attackers to crash the application by submitting an oversized input. Attackers can generate a file containing 5000 bytes of data, paste it into the Serial Code field duri...
CVE-2019-25565
Magic Iso Maker 5.5 build 281 contains a buffer overflow vulnerability in the Serial Code registration field that allows local attackers to crash the application by submitting an oversized input. Attackers can generate a file containing 5000 bytes of data, paste it into the Serial Code field duri...