14 matches found

RedhatCVE
added 2026/04/20 7:23 p.m. | 5 views

CVE-2026-4801

The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via external iCal feed data in all versions up to, and including, 3.1.16 due to insufficient output escaping of event titles, descriptions, and locations fetched from external iCal feeds...

CVSS: 6.4 | AI score: 5.9 | EPSS: 0.00406
Exploits: 0 | References: 1

Positive Technologies
added 2026/04/18 12:00 a.m. | 11 views

PT-2026-33588

Name of the Vulnerable Software and Affected Versions: CoBlocks versions prior to 3.1.17. Description: The Page Builder Gutenberg Blocks – CoBlocks plugin for WordPress contains a Stored Cross-Site Scripting issue. This occurs due to insufficient output escaping of event titles, descriptions, and...

CVSS: 6.4 | AI score: 6 | EPSS: 0.00406
Exploits: 0 | References: 17

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2015-8562

Malware in sbrugna...

CVSS: 6.1 | AI score: 6.2 | EPSS: 0.01696
Exploits: 2 | References: 6

Tenable Nessus
added 2025/09/03 12:00 a.m. | 4 views

Linux Distros Unpatched Vulnerability : CVE-2022-39276

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features,...

CVSS: 5.3 | AI score: 7 | EPSS: 0.00591
Exploits: 1 | References: 2

BDU FSTEC
added 2024/07/29 12:00 a.m. | 4 views

The vulnerability of the GLPI system’s handling of requests and incidents, related to the falsification of requests on the server side, allows a perpetrator to scan the server’s ports or services that are open on the GLPI server or its private network.

The vulnerability of the GLPI request and incident handling system lies in the fact that using RSS channels or an external calendar for planning is vulnerable to an SSRF exploit. Exploiting this vulnerability allows a malicious actor to scan server ports or services that are open on the GLPI serv...

CVSS: 5.8 | AI score: 6.8 | EPSS: 0.00459
Exploits: 0 | References: 4 | Affected Software: 2

Prion
added 2022/11/03 2:15 p.m. | 23 views

Design/Logic Flaw

GLPI stands for Gestionnaire Libre de Parc Informatique. GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Usage of RSS feeds or an external calendar in planning is subject to SSRF exploit. In case a remote...

CVSS: 5 | AI score: 5.3 | EPSS: 0.00591
Exploits: 1 | References: 2 | Affected Software: 1

NVD
added 2022/09/14 6:15 p.m. | 24 views

CVE-2022-36112

GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. Usage of RSS feeds or external calendar in planning is subject to SSRF exploit. Server-side requests ca...

CVSS: 5.8 | EPSS: 0.00459
Exploits: 0 | References: 2

UbuntuCve
added 2022/09/14 6:15 p.m. | 43 views

CVE-2022-36112

GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. Usage of RSS feeds or external calendar in planning is subject to SSRF exploit. Server-side requests ca...

CVSS: 5.8 | AI score: 6.8 | EPSS: 0.00459
Exploits: 0 | References: 3

CNVD
added 2016/01/21 12:00 a.m. | 3 views

Multiple Cross-Site Scripting Vulnerabilities in Dolibarr ERP/CRM

Dolibarr ERP/CRM is the software that manages your company's business information. Multiple cross-site scripting vulnerabilities in Dolibarr ERP/CRM 3.8.3 and prior versions allow remote attackers to inject arbitrary web script or HTML via the url of an external calendar or the "Import External...

CVSS: 6.1 | AI score: 6.1 | EPSS: 0.01696
Exploits: 2 | References: 1

NVD
added 2016/01/15 7:59 p.m. | 14 views

CVE-2015-8685

Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the external calendar url or (2) the bank name field in the "import external calendar" page...

CVSS: 6.1 | AI score: 6.1 | EPSS: 0.01696
Exploits: 2 | References: 4

UbuntuCve
added 2016/01/15 7:59 p.m. | 23 views

CVE-2015-8685

Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the external calendar url or (2) the bank name field in the "import external calendar" page...

CVSS: 6.1 | AI score: 6.4 | EPSS: 0.01696
Exploits: 2 | References: 3

Prion
added 2016/01/15 7:59 p.m. | 19 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the external calendar url or (2) the bank name field in the "import external calendar" page...

CVSS: 4.3 | AI score: 6 | EPSS: 0.01696
Exploits: 2 | References: 4 | Affected Software: 1

Cvelist
added 2016/01/15 7:00 p.m. | 22 views

CVE-2015-8685

Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr ERP/CRM 3.8.3 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the external calendar url or (2) the bank name field in the "import external calendar" page...

AI score: 6.1 | EPSS: 0.01696
Exploits: 2 | References: 4

Packet Storm
added 2016/01/13 12:00 a.m. | 35 views

dolibarr HTML Injection

Title: HTML Injection in dolibarr Author: Sergio Galán - @NaxoneZ Date: Dec 24,2015 Vendor Homepage: http://www.dolibarr.es/ Vulnerable version: More Info =======https://github.com/Dolibarr/dolibarr/issues/4291 Fixed =======...

CVSS: 4.3 | AI score: 0.1 | EPSS: 0.01696
Exploits: 2