CVE-2025-8293

The Intl DateTime Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘date’ parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

CVE-2025-8293 Intl DateTime Calendar <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via date Parameter

The Intl DateTime Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘date’ parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

WordPress Intl DateTime Calendar plugin <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via date Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via date Parameter vulnerability discovered by Gilang in WordPress Plugin Intl DateTime Calendar versions = 1.0.1...

PT-2025-33535 · WordPress · Intl Datetime Calendar

Name of the Vulnerable Software and Affected Versions: Intl DateTime Calendar plugin for WordPress versions up to and including 1.0.1 Description: The Intl DateTime Calendar plugin for WordPress is susceptible to Stored Cross-Site Scripting via the date parameter due to insufficient input...

WordPress plugin Intl DateTime Calendar 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...

CVE-2025-8715

creationtimestamp| type| source ---|---|--- 2025-08-14 13:25:09+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115027339401596750 2025-08-14 22:36:29+00:00| seen| https://bsky.app/profile/omo.bsky.social/post/3lwffnooc5k2w 2025-08-15 06:42:27+00:00| seen|...

CVE-2025-6536 Tarantool datetime.c tm_to_datetime assertion

A vulnerability has been found in Tarantool up to 3.3.1 and classified as problematic. Affected by this vulnerability is the function tmtodatetime in the library src/lib/core/datetime.c. The manipulation leads to reachable assertion. Attacking locally is a requirement. The exploit has been...

Tarantool 安全漏洞

Tarantool is a computing software from Tarantool Open Source. A security vulnerability exists in Tarantool 3.3.1 and earlier versions, which stems from a reachable assertion issue in the tmtodatetime function in the datetime.c library...

PT-2025-26673 · Tarantool +1 · Tarantool +1

Name of the Vulnerable Software and Affected Versions: Tarantool versions up to 3.3.1 Description: A vulnerability has been found in the tm to datetime function in the library src/lib/core/datetime.c. The manipulation leads to a reachable assertion. Attacking locally is a requirement...

CVE-2025-43545

creationtimestamp| type| source ---|---|--- 2025-05-13 19:21:43+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp36v6kvlo32 2025-05-13 20:48:13+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lp3eaf546m2j 2025-05-13...

perl-DateTime-TimeZone bug fix and enhancement update

An update is available for perl-DateTime-TimeZone. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...

perl-DateTime-TimeZone bug fix and enhancement update

An update is available for perl-DateTime-TimeZone. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...

Regular Expression Denial of Service (ReDoS)

Overview gradio is a Python library for easily interacting with trained machine learning models Affected versions of this package are vulnerable to Regular Expression Denial of Service ReDoS through the gr.Datetime component. An attacker can cause the server to consume excessive CPU resources and...

CVE-2024-10624

A Regular Expression Denial of Service ReDoS vulnerability exists in the gradio-app/gradio repository, affecting the gr.Datetime component. The affected version is git commit 98cbcae. The vulnerability arises from the use of a regular expression ^?:\snow\s?:-\s\d+\sdmhs??\s$ to process user input...

Gradio 资源管理错误漏洞

Gradio, an open source Python library from Gradio Open Source, is a method for demonstrating machine learning models through a friendly web interface. A resource management error vulnerability exists in Gradio version 98cbcae, which stems from a regular expression used by the gr.Datetime componen...

org.webjars.npm:github-com-xdan-datetimepicker (=2.5.20), org.webjars.npm:jquery-datetimepicker (>=2.5.4 <=2.5.21) potentially affected by CVE-2024-57063 via org.webjars.npm:php-date-formatter (=1.3.6)

org.webjars.npm:php-date-formatter MAVEN version =1.3.6 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:php-date-formatter and may be impacted: - org.webjars.npm:github-com-xdan-datetimepicker =2.5.20 -...

CVE-2024-55513

creationtimestamp| type| source ---|---|--- 2024-12-17 20:05:29+00:00| seen| https://infosec.exchange/users/cve/statuses/113669958969464068 2024-12-17 21:48:10+00:00| seen| https://t.me/cvedetector/13128...

NuGet Package 'Microsoft.Recognizers.Text.DateTime' Detection

The remote host has a 'Microsoft.Recognizers.Text.DateTime' with a Verified NuGet package status and is installed on the remote host. Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc...

Malicious code in FlսeոtDatеTіme (NuGet)

--- -= Per source details. Do not edit below this line.=-...

CVE-2024-4802

A vulnerability was found in Kashipara College Management System 1.0. It has been classified as critical. Affected is an unknown function of the file submitextracurricularactivity.php. The manipulation of the argument activitydatetime leads to sql injection. It is possible to launch the attack...