Lucene search
K

18 matches found

RedhatCVE
RedhatCVE
added 2025/08/22 8:30 a.m.5 views

CVE-2025-48168

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Apollo - Sticky Full Width HTML5 Audio Player lbg-audio5-html5-shoutcast-sticky allows Reflected XSS.This issue affects Apollo - Sticky Full Width HTML5 Audio Player: from n/a through ...

7.1CVSS5.9AI score0.00206EPSS
Exploits0References1
CVE
CVE
added 2025/08/20 8:3 a.m.17 views

CVE-2025-48168

CVE-2025-48168 applies to the WordPress plugin Apollo - Sticky Full Width HTML5 Audio Player. It describes a Reflected Cross-Site Scripting (XSS) vulnerability caused by improper neutralization of input during web page generation. Affected software/version: Apollo - Sticky Full Width HTML5 Audio ...

7.1CVSS5.9AI score0.00206EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/20 8:3 a.m.10 views

CVE-2025-48168 WordPress Apollo - Sticky Full Width HTML5 Audio Player <= 3.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Apollo - Sticky Full Width HTML5 Audio Player lbg-audio5-html5-shoutcast-sticky allows Reflected XSS.This issue affects Apollo - Sticky Full Width HTML5 Audio Player: from n/a through ...

7.1CVSS0.00206EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/20 8:3 a.m.3 views

CVE-2025-48168 WordPress Apollo - Sticky Full Width HTML5 Audio Player <= 3.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Apollo - Sticky Full Width HTML5 Audio Player lbg-audio5-html5-shoutcast-sticky allows Reflected XSS.This issue affects Apollo - Sticky Full Width HTML5 Audio Player: from n/a through ...

7.1CVSS5.2AI score0.00206EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:55 a.m.6 views

CVE-2023-24392

Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Full Width Banner Slider Wp plugin = 1.1.7 versions...

7.1CVSS5.9AI score0.00382EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/02/11 12:0 a.m.6 views

The vulnerabilities of Kaspersky Anti-Virus SDK for Windows, Kaspersky Security for Virtualization Light Agent, Kaspersky Endpoint Security for Windows, Kaspersky Small Office Security, Kaspersky for Windows (Standard, Plus, Premium), Kaspersky Free, Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Security Cloud, Kaspersky Safe Kids, and Kaspersky Anti-Ransomware Tool are related to a full-width overflow vulnerability, which allows an attacker to write arbitrary data and cause service interruptions.

The vulnerabilities of Kaspersky Anti-Virus SDK for Windows, Kaspersky Security for Virtualization Light Agent, Kaspersky Endpoint Security for Windows, Kaspersky Small Office Security, Kaspersky for Windows Standard, Plus, Premium, Kaspersky Free, Kaspersky Anti-Virus, Kaspersky Internet Securit...

5.3CVSS5.7AI score0.00128EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/09/16 10:4 p.m.14 views

MAL-2023-8113 Malicious code in developer-scaffold-full-width-wrapper (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware de16c923e65362f8728b3d71ad9d78042c8f28793d8d720d387faf6316d8b174 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
NVD
NVD
added 2023/05/10 8:15 a.m.21 views

CVE-2023-24392

Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Full Width Banner Slider Wp plugin = 1.1.7 versions...

7.1CVSS6.2AI score0.00382EPSS
Exploits0References1
OSV
OSV
added 2023/05/10 8:15 a.m.1 views

CVE-2023-24392

Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Full Width Banner Slider Wp plugin = 1.1.7 versions...

6.1CVSS5.8AI score0.00382EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/05/10 7:1 a.m.31 views

CVE-2023-24392 WordPress Full Width Banner Slider Wp Plugin <= 1.1.7 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Full Width Banner Slider Wp plugin = 1.1.7 versions...

7.1CVSS6.3AI score0.00382EPSS
Exploits0References1
CVE
CVE
added 2023/05/10 7:1 a.m.45 views

CVE-2023-24392

CVE-2023-24392 affects the WordPress plugin I Thirteen Web Solution Full Width Banner Slider WP (versions ≤ 1.1.7). It is a unauthenticated, reflected Cross-Site Scripting (XSS) vulnerability exposed via parameters like search_term and setacrionpage. Patch information in Patchstack indicates the ...

7.1CVSS6AI score0.00382EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/05/10 12:0 a.m.6 views

WordPress plugin Full Width Banner Slider Wp 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...

7.1CVSS6.9AI score0.00382EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/03/28 12:0 a.m.12 views

WordPress Full Width Banner Slider Wp Plugin <= 1.1.7 is vulnerable to Cross Site Scripting (XSS)

Software Full Width Banner Slider Wp Type Plugin Vulnerable versions = 1.1.7 Fixed in 1.1.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-24392 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2990ac9658bf Credits yuyud...

7.1CVSS5.7AI score0.00382EPSS
Exploits0References2Affected Software1
Qualys Blog
Qualys Blog
added 2021/03/23 7:19 p.m.299 views

Unified Dashboard Preview for Enhanced Security Visualization

Qualys has introduced the Unified Dashboard Framework UDF to enrich your dashboarding experience. Unified Dashboard UD brings information from all Qualys applications into a single place for visualization. UD adds a powerful new dashboarding framework to the Qualys Cloud Platform that will be...

0.2AI score
Exploits0
OSV
OSV
added 2020/10/18 7:15 p.m.5 views

CVE-2020-13893

Multiple stored cross-site scripting XSS vulnerabilities in Sage EasyPay 10.7.5.10 allow authenticated attackers to inject arbitrary web script or HTML via multiple parameters through Unicode Transformations Best-fit Mapping, as demonstrated by the full-width variants of the less-than sign...

5.4CVSS6.1AI score0.00526EPSS
Exploits0References2
w3af
w3af
added 2013/06/10 11:2 p.m.16 views

full_width_encode

This evasion plugin does full width encoding as described here: http://www.kb.cert.org/vuls/id/739224 Example: Input: /bar/foo.asp Output : /b%uFF61r/%uFF66oo.asp Plugin type Evasion Options This plugin doesnt have any user configured options. Source For more information about this plugin and the...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2007/05/16 12:0 a.m.28 views

Multiple applications Unicode Full Width / Half Width characters protection bypass

Client application may support translation of Halfwidth/Fullwidth Unicode characters unicode FF00 - FFEE, while content filter doesn't...

2.6AI score
Exploits0References1
securityvulns
securityvulns
added 2007/05/16 12:0 a.m.64 views

GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability

GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability Date & Version : 04/14/2007 - 1.0 Description : Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded traffic. This may allow malicious content to bypass HTTP content...

Exploits0
Rows per page
Query Builder