Lucene search
K

101 matches found

wpexploit
wpexploit
added 2022/07/06 12:0 a.m.180 views

Flexi Quote Rotator <= 0.9.4 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. Add the following payload to a new quote:...

4.8CVSS1.8AI score0.00511EPSS
Exploits2
Sick AG
Sick AG
added 2022/05/16 10:0 a.m.9 views

Vulnerability in SICK Flexi Soft Designer & Safety Designer

A deserialization vulnerability in a .NET framework class used by both SICK Flexi Soft Designer and SICK Safety Designer allows an attacker to create malicious project files...

8.6CVSS7AI score0.00335EPSS
Exploits0
Sick AG
Sick AG
added 2022/04/29 3:0 p.m.8 views

Vulnerability in SICK Gateways for Flexi Soft, Flexi Compact, SICK EFI Gateway UE4740, SICK microScan3 and outdoorScan3

The PSIRT received a report about a vulnerability in some gateways for Flexi Soft, Flexi Compact, EFI gateway UE4740, microScan3 and the outdoorScan3. The vulnerability is classified as a denial-of-service vulnerability and results from a malformed UDP package. It is recommended to implement the...

6.5CVSS6.9AI score
Exploits0
Sick AG
Sick AG
added 2022/04/29 3:0 p.m.9 views

Vulnerability in SICK Flexi Soft PROFINET IO Gateway FX0-GPNT and SICK microScan3 PROFINET

The PSIRT received a report about a vulnerability in the Gateway Flexi Soft and microScan3 PROFINET. The vulnerability is classified as a denial-of-service vulnerability and results form a mishandling of Read Implicit Request services...

7.5CVSS7AI score
Exploits0
OSV
OSV
added 2022/03/14 3:15 p.m.6 views

CVE-2022-0449

The Flexi WordPress plugin before 4.20 does not sanitise and escape various parameters before outputting them back in some pages such as the user dashboard, leading to a Reflected Cross-Site Scripting...

6.1CVSS5.8AI score0.00788EPSS
Exploits2References1
ATTACKERKB
ATTACKERKB
added 2022/03/14 3:15 p.m.6 views

CVE-2022-0449

The Flexi WordPress plugin before 4.20 does not sanitise and escape various parameters before outputting them back in some pages such as the user dashboard, leading to a Reflected Cross-Site Scripting...

6.1CVSS6.3AI score0.00788EPSS
Exploits2References2
NVD
NVD
added 2022/03/14 3:15 p.m.26 views

CVE-2022-0449

The Flexi WordPress plugin before 4.20 does not sanitise and escape various parameters before outputting them back in some pages such as the user dashboard, leading to a Reflected Cross-Site Scripting...

6.1CVSS0.00788EPSS
Exploits2References1
Prion
Prion
added 2022/03/14 3:15 p.m.18 views

Cross site scripting

The Flexi WordPress plugin before 4.20 does not sanitise and escape various parameters before outputting them back in some pages such as the user dashboard, leading to a Reflected Cross-Site Scripting...

4.3CVSS6.1AI score0.00788EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2022/03/14 2:41 p.m.29 views

CVE-2022-0449 Flexi - Guest Submit < 4.20 - Reflected Cross-Site Scripting

The Flexi WordPress plugin before 4.20 does not sanitise and escape various parameters before outputting them back in some pages such as the user dashboard, leading to a Reflected Cross-Site Scripting...

6.2AI score0.00788EPSS
Exploits2References1
CVE
CVE
added 2022/03/14 2:41 p.m.85 views

CVE-2022-0449

The CVE-2022-0449 entry refers to the WordPress Flexi – Guest Submit plugin (versions before 4.20). The root cause is failure to sanitize and escape various parameters before outputting them back to pages (e.g., the user dashboard), enabling Reflected Cross-Site Scripting. Impact is reflected XSS...

6.1CVSS6AI score0.00788EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2022/03/14 12:0 a.m.5 views

WordPress plugin 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in WordPress...

6.1CVSS5.9AI score0.00788EPSS
Exploits2References2
wpexploit
wpexploit
added 2022/02/16 12:0 a.m.263 views

Flexi - Guest Submit < 4.20 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape various parameters before outputting them back in some pages such as the user dashboard, leading to a Reflected Cross-Site Scripting Open the following URL when authenticated as any user: https://example.com/user-dashboard/?search=keyword:...

6.1CVSS6.2AI score0.00788EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2022/02/16 12:0 a.m.19 views

Flexi - Guest Submit < 4.20 - Reflected Cross-Site Scripting

The plugin does not sanitise and escape various parameters before outputting them back in some pages such as the user dashboard, leading to a Reflected Cross-Site Scripting PoC Open the following URL when authenticated as any user: https://example.com/user-dashboard/?search=keyword:...

6.1CVSS6.1AI score0.00788EPSS
Exploits2Affected Software1
Patchstack
Patchstack
added 2022/02/16 12:0 a.m.34 views

WordPress Flexi – Guest Submit plugin <= 4.19 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Felipe Tapia Sasot in WordPress Flexi – Guest Submit plugin versions = 4.19. Solution Update the WordPress Flexi – Guest Submit plugin to the latest available version at least 4.20...

6.1CVSS2.7AI score0.00788EPSS
Exploits2References3Affected Software1
Openbugbounty
Openbugbounty
added 2022/01/08 7:48 a.m.11 views

flexi-cms.com Cross Site Scripting vulnerability OBB-2327970

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2016/01/07 12:32 a.m.14 views

How to become an Information Security Expert with the CISSP Certification

If you dream of making it big in the IT security community, the CISSP certification is a necessary milestone. Having this certification to your credit portrays a sense of commitment to the security profession and shows potential employers that you have a strong knowledge base to excel in this...

6.6AI score
Exploits0
Patchstack
Patchstack
added 2015/05/15 12:0 a.m.10 views

WordPress Flexi Quote Rotator Plugin - Multiple Vulnerabilities

This plugin is prone to a cross site request forgery and SQL injection vulnerabilities. Solution Upgrade the plugin...

2.5AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2015/05/15 12:0 a.m.7 views

WordPress Flexi Quote Rotator Plugin - Multiple Vulnerabilities

This plugin is prone to a cross site request forgery and SQL injection vulnerabilities. Solution Upgrade the plugin...

2.5AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2014/08/01 10:58 a.m.8 views

Flexi Quote Rotator - Cross-Site Request Forgery & SQL Injection Vulnerabilities

The Flexi Quote Rotator WordPress plugin was affected by a Cross-Site Request Forgery & SQL Injection Vulnerabilities security vulnerability...

2.6AI score
Exploits0Affected Software1
seebug.org
seebug.org
added 2009/03/31 12:0 a.m.36 views

NOKIA Siemens FlexiISN 3.1 Multiple Auth Bypass Vulnerabilities

No description provided by source. NOKIA Siemens FlexiISN GGSN Multiple Authentication bypass Vulnerability: NOKIA Siemens FlexiISN Remote: Yes Local: No Class: Input Validation Error Critical: Moderately critical OS : FlexiISN GGSN FISN 3.1 URL 1 for bypassing authentication on AAA Configuration...

7.1AI score
Exploits0
Rows per page
Query Builder