1211 matches found
CVE-2019-25298
html5snmp 1.11 contains multiple SQL injection vulnerabilities that allow attackers to manipulate database queries through RouterID and RouterIP parameters. Attackers can exploit error-based, time-based, and union-based injection techniques to potentially extract or modify database information by...
CVE-2019-25298
The CVE-2019-25298 entry concerns html5_snmp version 1.11, where SQL injection flaws exist in the Router_ID and Router_IP parameters. The underlying vulnerability allows manipulation of database queries using error-based, time-based, and union-based techniques, potentially enabling extraction or ...
CVE-2019-25294
The vulnerability (CVE-2019-25294) affects html5_snmp 1.11. A persistent cross-site scripting flaw exists in add_router_operation.php via the Remark parameter. An attacker can send a crafted POST request containing a script payload in Remark, causing arbitrary JavaScript to execute in a victim’s ...
html5_snmp 跨站脚本漏洞
html5snmp is an HTML project developed by Pongtud Bualerd. Version 1.11 of html5snmp contains a cross-site scripting vulnerability. This vulnerability stems from the Remark parameter in addrouteroperation.php, which allows for stored cross-site scripting, potentially enabling attackers to execute...
html5_snmp SQL注入漏洞
html5snmp is an HTML project developed by Pongtud Bualerd. Version 1.11 of html5snmp contains a SQL injection vulnerability. This vulnerability stems from the RouterID and RouterIP parameters, which may allow attackers to extract or modify database information...
Malicious code in react-dnd-legacy-html5-backend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d549162491e3ef2900daafc0bb49291caef1538d4406a75ec4b80e12ac18fc26 The package react-dnd-legacy-html5-backend was found to contain malicious code. Source: ghsa-malware...
Malicious Package
Overview react-dnd-legacy-html5-backend is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and thi...
MAL-2026-657 Malicious code in react-dnd-legacy-html5-backend (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d549162491e3ef2900daafc0bb49291caef1538d4406a75ec4b80e12ac18fc26 The package react-dnd-legacy-html5-backend was found to contain malicious code. Source: ghsa-malware...
CVE-2025-32123
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup HTML5 Video Player with Playlist & Multiple Skins lbg-vp2-html5-rightside allows Reflected XSS.This issue affects HTML5 Video Player with Playlist & Multiple Skins: from n/a through =...
CVE-2025-32123
CVE-2025-32123 describes a Reflected XSS in the WordPress plugin HTML5 Video Player with Playlist & Multiple Skins (lbg-vp2-html5-rightside) , affecting versions up to and including 5.3.5. The issue stems from improper input neutralization during web page generation, enabling script injection via...
CVE-2025-32123 WordPress HTML5 Video Player with Playlist & Multiple Skins plugin <= 5.3.5 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup HTML5 Video Player with Playlist & Multiple Skins lbg-vp2-html5-rightside allows Reflected XSS.This issue affects HTML5 Video Player with Playlist & Multiple Skins: from n/a through =...
CVE-2025-27005
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup HTML5 Video Player lbg-vp2-html5-bottom allows Reflected XSS.This issue affects HTML5 Video Player: from n/a through = 5.3.5...
CVE-2025-27005 WordPress HTML5 Video Player plugin <= 5.3.5 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup HTML5 Video Player lbg-vp2-html5-bottom allows Reflected XSS.This issue affects HTML5 Video Player: from n/a through = 5.3.5...
CVE-2025-27005
CVE-2025-27005 refers to a Reflected XSS in LambertGroup HTML5 Video Player lbg-vp2-html5-bottom (WordPress plugin)
PT-2026-3960
Name of the Vulnerable Software and Affected Versions LambertGroup HTML5 Video Player with Playlist & Multiple Skins versions through 5.3.5 Description The software contains a flaw related to improper input handling during web page generation, leading to a Reflected Cross-site Scripting XSS...
WordPress plugin lbg-vp2-html5-rightside has a cross-site scripting vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
WordPress Plugin HTML5 Video Player Cross-Site Script Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. The WordPre...
MiracleLinux 8 : python-lxml-4.2.3-3.el8 (AXSA:2021-2726:02)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2726:02 advisory. python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS CVE-2021-28957 Tenable has extracted the preceding description block...
WordPress HTML5 Video Player with Playlist & Multiple Skins plugin <= 5.3.5 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin HTML5 Video Player with Playlist & Multiple Skins versions = 5.3.5...
WordPress HTML5 Video Player plugin <= 5.3.5 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin HTML5 Video Player versions = 5.3.5...