16 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-12141
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Grafana's alerting system, users with edit permissions for a contact point, specifically the permissions alert.notifications:write or...
EUVD-2010-0305
Malware in sbrugna...
EUVD-2022-36154
Malicious code in bioql PyPI...
CVE-2022-33098
Magnolia CMS v6.2.19 was discovered to contain a cross-site scripting XSS vulnerability via the Edit Contact function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2023-2736
The Groundhogg plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.7.9.8. This is due to missing nonce validation in the 'ajaxeditcontact' function. This makes it possible for authenticated attackers to receive the auto login link via shortcode and...
CVE-2023-2736
The Groundhogg plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 2.7.9.8. This is due to missing nonce validation in the 'ajaxeditcontact' function. This makes it possible for authenticated attackers to receive the auto login link via shortcode and...
PT-2023-21078 · WordPress · Groundhogg
Name of the Vulnerable Software and Affected Versions: Groundhogg plugin for WordPress versions up to, and including, 2.7.9.8 Description: The issue is due to missing nonce validation in the ajax edit contact function, making it possible for authenticated attackers to elevate verified user...
WordPress Plugin Groundhogg 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
CVE-2022-33098
Magnolia CMS v6.2.19 was discovered to contain a cross-site scripting XSS vulnerability via the Edit Contact function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2022-33098
Magnolia CMS v6.2.19 was discovered to contain a cross-site scripting XSS vulnerability via the Edit Contact function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2022-33098
Magnolia CMS v6.2.19 was discovered to contain a cross-site scripting XSS vulnerability via the Edit Contact function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
Cross site scripting
Magnolia CMS v6.2.19 was discovered to contain a cross-site scripting XSS vulnerability via the Edit Contact function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2022-33098
Magnolia CMS v6.2.19 was discovered to contain a cross-site scripting XSS vulnerability via the Edit Contact function. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2022-33098
CVE-2022-33098 affects Magnolia CMS 6.2.19. The vulnerability is a stored cross-site scripting (XSS) introduced via the Edit Contact function. A user with rights to upload a profile resource can craft an SVG containing malicious JavaScript, which is then executed when others view the resource. Pu...
Code injection
Unspecified vulnerability in the Edit Contact scene in Ultra-light Mode in IBM Lotus iNotes aka Domino Web Access or DWA before 229.241 for Domino 8.0.2 FP3 has unknown impact and attack vectors, aka SPR LSHR7TBLY5...
CVE-2010-0274
Unspecified vulnerability in the Edit Contact scene in Ultra-light Mode in IBM Lotus iNotes aka Domino Web Access or DWA before 229.241 for Domino 8.0.2 FP3 has unknown impact and attack vectors, aka SPR LSHR7TBLY5...