
413 matches found

CNNVD
added 2025/06/09 12:00 a.m. · 3 views

Code-Projects Chat System Injection Vulnerability

Chat System is a chat system. Chat System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter cid in the file /user/confirmpassword.php. An attacker can exploit this vulnerability to execute illegal SQL...

9.8 CVSS · 8.2 AI score · 0.00398 EPSS
Exploits 1 · References 5
Positive Technologies
added 2025/06/04 12:00 a.m. · 1 view

PT-2025-35997

Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified) Description: The nfsd4_setclientid_confirm() function did not check the return value from get_client_locked(). A SETCLIENTID_CONFIRM operation could race with a confirmed client expiring, failing to obta...

7.8 CVSS · 6.7 AI score · 0.00163 EPSS
Exploits 0
RedhatCVE
added 2025/05/23 5:11 a.m. · 3 views

CVE-2023-32124

Cross-Site Request Forgery CSRF vulnerability in Arul Prasad J Publish Confirm Message plugin = 1.3.1 versions...

8.8 CVSS · 7.1 AI score · 0.00214 EPSS
Exploits 0 · References 1
RedhatCVE
added 2025/05/23 12:10 a.m. · 4 views

CVE-2022-43985

In Apache Airflow versions prior to 2.4.2, there was an open redirect in the webserver's /confirm endpoint...

6.1 CVSS · 6.6 AI score · 0.01494 EPSS
Exploits 0 · References 1
RedhatCVE
added 2025/05/22 11:40 p.m. · 2 views

CVE-2022-40754

In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect in the webserver's /confirm endpoint...

6.1 CVSS · 6.1 AI score · 0.01413 EPSS
Exploits 0 · References 1
NVD
added 2025/05/22 11:15 p.m. · 16 views

CVE-2025-48371

OpenFGA is an authorization/permission engine. OpenFGA versions 1.8.0 through 1.8.12 corresponding to Helm chart openfga-0.2.16 through openfga-0.2.30 and docker 1.8.0 through 1.8.12 are vulnerable to authorization bypass when certain Check and ListObject calls are executed. Users are affected...

8.8 CVSS · 0.00408 EPSS
Exploits 0 · References 2
OSV
added 2025/05/16 1:24 p.m. · 5 views

OESA-2025-1513 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use after free in hci_send_acl. This fixes the following trace caused by receiving HCI_EV_DISCONN_PHY_LINK_COMPLETE which does call hci_conn_del without fir...

7.8 CVSS · 6.5 AI score · 0.00258 EPSS
Exploits 0 · References 12
RedhatCVE
added 2025/04/26 5:46 p.m. · 14 views

CVE-2025-46459

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ralf Hortt Confirm User Registration confirm-user-registration allows Stored XSS. This issue affects Confirm User Registration: from n/a through <= 2.1.5...

5.9 CVSS · 7.2 AI score · 0.00225 EPSS
Exploits 0 · References 1
NVD
added 2025/04/24 4:15 p.m. · 7 views

CVE-2025-46459

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ralf Hortt Confirm User Registration confirm-user-registration allows Stored XSS. This issue affects Confirm User Registration: from n/a through <= 2.1.5...

5.9 CVSS · 0.00225 EPSS
Exploits 0 · References 1
Vulnrichment
added 2025/04/24 4:09 p.m. · 7 views

CVE-2025-46459 WordPress Confirm User Registration plugin <= 2.1.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ralf Hortt Confirm User Registration confirm-user-registration allows Stored XSS. This issue affects Confirm User Registration: from n/a through <= 2.1.5...

5.9 CVSS · 7.2 AI score · 0.00225 EPSS
Exploits 0 · References 1
Cvelist
added 2025/04/24 4:09 p.m. · 17 views

CVE-2025-46459 WordPress Confirm User Registration plugin <= 2.1.5 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ralf Hortt Confirm User Registration confirm-user-registration allows Stored XSS. This issue affects Confirm User Registration: from n/a through <= 2.1.5...

5.9 CVSS · 0.00225 EPSS
Exploits 0 · References 1
CVE
added 2025/04/24 4:09 p.m. · 44 views

CVE-2025-46459

CVE-2025-46459 is a stored XSS in the WordPress plugin Confirm User Registration (versions

5.9 CVSS · 7.2 AI score · 0.00225 EPSS
Exploits 0 · References 1
CNNVD
added 2025/04/24 12:00 a.m. · 2 views

WordPress plugin Confirm User Registration Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

5.9 CVSS · 6 AI score · 0.00225 EPSS
Exploits 0 · References 2
RedhatCVE
added 2025/04/13 4:39 p.m. · 62 views

CVE-2025-32074

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - Confirm Account Extension allows Cross-Site Scripting (XSS). This issue affects Mediawiki - Confirm Account Extension: from 1.39 through 1.43...

10 CVSS · 6.5 AI score · 0.00185 EPSS
Exploits 0 · References 4
NVD
added 2025/04/11 5:15 p.m. · 27 views

CVE-2025-32074

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - Confirm Account Extension allows Cross-Site Scripting (XSS). This issue affects Mediawiki - Confirm Account Extension: from 1.39 through 1.43...

5.4 CVSS · 0.00185 EPSS
Exploits 0 · References 2
Cvelist
added 2025/04/11 4:22 p.m. · 20 views

CVE-2025-32074 XSSes in Extension:ConfirmAccount

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - Confirm Account Extension allows Cross-Site Scripting (XSS). This issue affects Mediawiki - Confirm Account Extension: from 1.39 through 1.43...

0.00185 EPSS
Exploits 0 · References 2
Vulnrichment
added 2025/04/11 4:22 p.m. · 3 views

CVE-2025-32074 XSSes in Extension:ConfirmAccount

Improper Encoding or Escaping of Output vulnerability in The Wikimedia Foundation Mediawiki - Confirm Account Extension allows Cross-Site Scripting (XSS). This issue affects Mediawiki - Confirm Account Extension: from 1.39 through 1.43...

6.2 AI score · 0.00185 EPSS
Exploits 0 · References 2
CVE
added 2025/04/11 4:22 p.m. · 68 views

CVE-2025-32074

CVE-2025-32074 affects MediaWiki’s Confirm Account Extension (versions 1.39–1.43). The root cause is an improper encoding/escaping of output that enables Cross-Site Scripting (XSS). The available connected sources identify the affected range and the vulnerability class but do not provide exploit ...

5.4 CVSS · 6.2 AI score · 0.00185 EPSS
Exploits 0 · References 2
CNNVD
added 2025/04/11 12:00 a.m. · 2 views

MediaWiki Security Vulnerability

MediaWiki is a suite of free and freely available web-based Wiki engines from the Wikimedia USA Foundation. The product can be used to deploy internal knowledge management and content management systems. MediaWiki - A security vulnerability exists in Confirm Account Extension versions 1.39 throug...

5.4 CVSS · 6 AI score · 0.00185 EPSS
Exploits 0 · References 4
Positive Technologies
added 2025/04/11 12:00 a.m. · 4 views

PT-2025-16138 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: Mediawiki - Confirm Account Extension versions 1.39 through 1.43 Description: The issue is related to improper encoding or escaping of output, which enables Cross-Site Scripting XSS in the Mediawiki - Confirm Account Extension. This is due to...

5.4 CVSS · 5.5 AI score · 0.00185 EPSS
Exploits 0 · References 9