CVE-2021-24208 WP Page Builder < 1.2.4 - Multiple Stored Cross-Site scripting (XSS)

The editor of the WP Page Builder WordPress plugin before 1.2.4 allows lower-privileged users to insert unfiltered HTML, including JavaScript, into pages via the “Raw HTML” widget and the “Custom HTML” widgets though the custom HTML widget requires sending a crafted request - it appears that this...

Cross site scripting

A reflected Cross-Site-Scripting XSS vulnerability has been identified in Siemens PLM Software TEAMCENTER V9.1.2.5. If a user visits the login portal through the URL crafted by the attacker, the attacker can insert html/javascript and thus alter/rewrite the login portal page. Siemens PLM Software...

Debian Security Advisory DSA 2365-1 (dtc)

The remote host is missing an update to dtc announced via advisory DSA 2365-1. OpenVAS Vulnerability Test $Id: deb23651.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2365-1 dtc Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

Debian DSA-2365-1 : dtc - several vulnerabilities

Ansgar Burchardt, Mike O'Connor and Philipp Kern discovered multiple vulnerabilities in DTC, a web control panel for admin and accounting hosting services : - CVE-2011-3195 A possible shell insertion has been found in the mailing list handling. - CVE-2011-3196 Unix rights for the apache2.conf wer...