18 matches found
CVE-2025-48168
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Apollo - Sticky Full Width HTML5 Audio Player lbg-audio5-html5-shoutcast-sticky allows Reflected XSS.This issue affects Apollo - Sticky Full Width HTML5 Audio Player: from n/a through ...
CVE-2025-48168
CVE-2025-48168 applies to the WordPress plugin Apollo - Sticky Full Width HTML5 Audio Player. It describes a Reflected Cross-Site Scripting (XSS) vulnerability caused by improper neutralization of input during web page generation. Affected software/version: Apollo - Sticky Full Width HTML5 Audio ...
CVE-2025-48168 WordPress Apollo - Sticky Full Width HTML5 Audio Player <= 3.4 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Apollo - Sticky Full Width HTML5 Audio Player lbg-audio5-html5-shoutcast-sticky allows Reflected XSS.This issue affects Apollo - Sticky Full Width HTML5 Audio Player: from n/a through ...
CVE-2025-48168 WordPress Apollo - Sticky Full Width HTML5 Audio Player <= 3.4 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Apollo - Sticky Full Width HTML5 Audio Player lbg-audio5-html5-shoutcast-sticky allows Reflected XSS.This issue affects Apollo - Sticky Full Width HTML5 Audio Player: from n/a through ...
CVE-2023-24392
Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Full Width Banner Slider Wp plugin = 1.1.7 versions...
The vulnerabilities of Kaspersky Anti-Virus SDK for Windows, Kaspersky Security for Virtualization Light Agent, Kaspersky Endpoint Security for Windows, Kaspersky Small Office Security, Kaspersky for Windows (Standard, Plus, Premium), Kaspersky Free, Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Security Cloud, Kaspersky Safe Kids, and Kaspersky Anti-Ransomware Tool are related to a full-width overflow vulnerability, which allows an attacker to write arbitrary data and cause service interruptions.
The vulnerabilities of Kaspersky Anti-Virus SDK for Windows, Kaspersky Security for Virtualization Light Agent, Kaspersky Endpoint Security for Windows, Kaspersky Small Office Security, Kaspersky for Windows Standard, Plus, Premium, Kaspersky Free, Kaspersky Anti-Virus, Kaspersky Internet Securit...
MAL-2023-8113 Malicious code in developer-scaffold-full-width-wrapper (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware de16c923e65362f8728b3d71ad9d78042c8f28793d8d720d387faf6316d8b174 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2023-24392
Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Full Width Banner Slider Wp plugin = 1.1.7 versions...
CVE-2023-24392
Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Full Width Banner Slider Wp plugin = 1.1.7 versions...
CVE-2023-24392 WordPress Full Width Banner Slider Wp Plugin <= 1.1.7 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Full Width Banner Slider Wp plugin = 1.1.7 versions...
CVE-2023-24392
CVE-2023-24392 affects the WordPress plugin I Thirteen Web Solution Full Width Banner Slider WP (versions ≤ 1.1.7). It is a unauthenticated, reflected Cross-Site Scripting (XSS) vulnerability exposed via parameters like search_term and setacrionpage. Patch information in Patchstack indicates the ...
WordPress plugin Full Width Banner Slider Wp 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerability...
WordPress Full Width Banner Slider Wp Plugin <= 1.1.7 is vulnerable to Cross Site Scripting (XSS)
Software Full Width Banner Slider Wp Type Plugin Vulnerable versions = 1.1.7 Fixed in 1.1.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-24392 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 2990ac9658bf Credits yuyud...
Unified Dashboard Preview for Enhanced Security Visualization
Qualys has introduced the Unified Dashboard Framework UDF to enrich your dashboarding experience. Unified Dashboard UD brings information from all Qualys applications into a single place for visualization. UD adds a powerful new dashboarding framework to the Qualys Cloud Platform that will be...
CVE-2020-13893
Multiple stored cross-site scripting XSS vulnerabilities in Sage EasyPay 10.7.5.10 allow authenticated attackers to inject arbitrary web script or HTML via multiple parameters through Unicode Transformations Best-fit Mapping, as demonstrated by the full-width variants of the less-than sign...
full_width_encode
This evasion plugin does full width encoding as described here: http://www.kb.cert.org/vuls/id/739224 Example: Input: /bar/foo.asp Output : /b%uFF61r/%uFF66oo.asp Plugin type Evasion Options This plugin doesnt have any user configured options. Source For more information about this plugin and the...
Multiple applications Unicode Full Width / Half Width characters protection bypass
Client application may support translation of Halfwidth/Fullwidth Unicode characters unicode FF00 - FFEE, while content filter doesn't...
GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability
GS07-01 Full-Width and Half-Width Unicode Encoding IDS/IPS/WAF Bypass Vulnerability Date & Version : 04/14/2007 - 1.0 Description : Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded traffic. This may allow malicious content to bypass HTTP content...