101 matches found
Flexi Quote Rotator <= 0.9.4 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed. Add the following payload to a new quote:...
Vulnerability in SICK Flexi Soft Designer & Safety Designer
A deserialization vulnerability in a .NET framework class used by both SICK Flexi Soft Designer and SICK Safety Designer allows an attacker to create malicious project files...
Vulnerability in SICK Gateways for Flexi Soft, Flexi Compact, SICK EFI Gateway UE4740, SICK microScan3 and outdoorScan3
The PSIRT received a report about a vulnerability in some gateways for Flexi Soft, Flexi Compact, EFI gateway UE4740, microScan3 and the outdoorScan3. The vulnerability is classified as a denial-of-service vulnerability and results from a malformed UDP package. It is recommended to implement the...
Vulnerability in SICK Flexi Soft PROFINET IO Gateway FX0-GPNT and SICK microScan3 PROFINET
The PSIRT received a report about a vulnerability in the Gateway Flexi Soft and microScan3 PROFINET. The vulnerability is classified as a denial-of-service vulnerability and results form a mishandling of Read Implicit Request services...
CVE-2022-0449
The Flexi WordPress plugin before 4.20 does not sanitise and escape various parameters before outputting them back in some pages such as the user dashboard, leading to a Reflected Cross-Site Scripting...
CVE-2022-0449
The Flexi WordPress plugin before 4.20 does not sanitise and escape various parameters before outputting them back in some pages such as the user dashboard, leading to a Reflected Cross-Site Scripting...
CVE-2022-0449
The Flexi WordPress plugin before 4.20 does not sanitise and escape various parameters before outputting them back in some pages such as the user dashboard, leading to a Reflected Cross-Site Scripting...
Cross site scripting
The Flexi WordPress plugin before 4.20 does not sanitise and escape various parameters before outputting them back in some pages such as the user dashboard, leading to a Reflected Cross-Site Scripting...
CVE-2022-0449 Flexi - Guest Submit < 4.20 - Reflected Cross-Site Scripting
The Flexi WordPress plugin before 4.20 does not sanitise and escape various parameters before outputting them back in some pages such as the user dashboard, leading to a Reflected Cross-Site Scripting...
CVE-2022-0449
The CVE-2022-0449 entry refers to the WordPress Flexi – Guest Submit plugin (versions before 4.20). The root cause is failure to sanitize and escape various parameters before outputting them back to pages (e.g., the user dashboard), enabling Reflected Cross-Site Scripting. Impact is reflected XSS...
WordPress plugin 跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in WordPress...
Flexi - Guest Submit < 4.20 - Reflected Cross-Site Scripting
The plugin does not sanitise and escape various parameters before outputting them back in some pages such as the user dashboard, leading to a Reflected Cross-Site Scripting Open the following URL when authenticated as any user: https://example.com/user-dashboard/?search=keyword:...
Flexi - Guest Submit < 4.20 - Reflected Cross-Site Scripting
The plugin does not sanitise and escape various parameters before outputting them back in some pages such as the user dashboard, leading to a Reflected Cross-Site Scripting PoC Open the following URL when authenticated as any user: https://example.com/user-dashboard/?search=keyword:...
WordPress Flexi – Guest Submit plugin <= 4.19 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by Felipe Tapia Sasot in WordPress Flexi – Guest Submit plugin versions = 4.19. Solution Update the WordPress Flexi – Guest Submit plugin to the latest available version at least 4.20...
flexi-cms.com Cross Site Scripting vulnerability OBB-2327970
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
How to become an Information Security Expert with the CISSP Certification
If you dream of making it big in the IT security community, the CISSP certification is a necessary milestone. Having this certification to your credit portrays a sense of commitment to the security profession and shows potential employers that you have a strong knowledge base to excel in this...
WordPress Flexi Quote Rotator Plugin - Multiple Vulnerabilities
This plugin is prone to a cross site request forgery and SQL injection vulnerabilities. Solution Upgrade the plugin...
WordPress Flexi Quote Rotator Plugin - Multiple Vulnerabilities
This plugin is prone to a cross site request forgery and SQL injection vulnerabilities. Solution Upgrade the plugin...
Flexi Quote Rotator - Cross-Site Request Forgery & SQL Injection Vulnerabilities
The Flexi Quote Rotator WordPress plugin was affected by a Cross-Site Request Forgery & SQL Injection Vulnerabilities security vulnerability...
NOKIA Siemens FlexiISN 3.1 Multiple Auth Bypass Vulnerabilities
No description provided by source. NOKIA Siemens FlexiISN GGSN Multiple Authentication bypass Vulnerability: NOKIA Siemens FlexiISN Remote: Yes Local: No Class: Input Validation Error Critical: Moderately critical OS : FlexiISN GGSN FISN 3.1 URL 1 for bypassing authentication on AAA Configuration...