Lucene search
K

1211 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/06 4:41 p.m.3 views

CVE-2019-25298

html5snmp 1.11 contains multiple SQL injection vulnerabilities that allow attackers to manipulate database queries through RouterID and RouterIP parameters. Attackers can exploit error-based, time-based, and union-based injection techniques to potentially extract or modify database information by...

7.1CVSS5.8AI score0.0037EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/02/06 4:41 p.m.10 views

CVE-2019-25294

The vulnerability (CVE-2019-25294) affects html5_snmp 1.11. A persistent cross-site scripting flaw exists in add_router_operation.php via the Remark parameter. An attacker can send a crafted POST request containing a script payload in Remark, causing arbitrary JavaScript to execute in a victim’s ...

6.4CVSS5.4AI score0.00203EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2026/02/06 4:41 p.m.11 views

CVE-2019-25298

The CVE-2019-25298 entry concerns html5_snmp version 1.11, where SQL injection flaws exist in the Router_ID and Router_IP parameters. The underlying vulnerability allows manipulation of database queries using error-based, time-based, and union-based techniques, potentially enabling extraction or ...

9.1CVSS5.7AI score0.0037EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2026/02/06 12:0 a.m.81 views

html5_snmp SQL注入漏洞

html5snmp is an HTML project developed by Pongtud Bualerd. Version 1.11 of html5snmp contains a SQL injection vulnerability. This vulnerability stems from the RouterID and RouterIP parameters, which may allow attackers to extract or modify database information...

9.1CVSS5.9AI score0.0037EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/02/06 12:0 a.m.6 views

html5_snmp 跨站脚本漏洞

html5snmp is an HTML project developed by Pongtud Bualerd. Version 1.11 of html5snmp contains a cross-site scripting vulnerability. This vulnerability stems from the Remark parameter in addrouteroperation.php, which allows for stored cross-site scripting, potentially enabling attackers to execute...

6.4CVSS5.9AI score0.00203EPSS
Exploits1References3
Snyk
Snyk
added 2026/02/03 2:23 a.m.4 views

Malicious Package

Overview react-dnd-legacy-html5-backend is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and thi...

9.8CVSS5.4AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/03 2:23 a.m.9 views

Malicious code in react-dnd-legacy-html5-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d549162491e3ef2900daafc0bb49291caef1538d4406a75ec4b80e12ac18fc26 The package react-dnd-legacy-html5-backend was found to contain malicious code. Source: ghsa-malware...

5.4AI score
Exploits0References1
OSV
OSV
added 2026/02/03 2:23 a.m.4 views

MAL-2026-657 Malicious code in react-dnd-legacy-html5-backend (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d549162491e3ef2900daafc0bb49291caef1538d4406a75ec4b80e12ac18fc26 The package react-dnd-legacy-html5-backend was found to contain malicious code. Source: ghsa-malware...

5.5AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/23 9:17 p.m.6 views

CVE-2025-32123

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup HTML5 Video Player with Playlist & Multiple Skins lbg-vp2-html5-rightside allows Reflected XSS.This issue affects HTML5 Video Player with Playlist & Multiple Skins: from n/a through =...

7.1CVSS5.4AI score0.00263EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/22 4:51 p.m.20 views

CVE-2025-32123 WordPress HTML5 Video Player with Playlist & Multiple Skins plugin <= 5.3.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup HTML5 Video Player with Playlist & Multiple Skins lbg-vp2-html5-rightside allows Reflected XSS.This issue affects HTML5 Video Player with Playlist & Multiple Skins: from n/a through =...

7.1CVSS0.00263EPSS
Exploits0References1
CVE
CVE
added 2026/01/22 4:51 p.m.10 views

CVE-2025-32123

CVE-2025-32123 describes a Reflected XSS in the WordPress plugin HTML5 Video Player with Playlist & Multiple Skins (lbg-vp2-html5-rightside) , affecting versions up to and including 5.3.5. The issue stems from improper input neutralization during web page generation, enabling script injection via...

7.1CVSS5.4AI score0.00263EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/22 4:51 p.m.4 views

CVE-2025-27005

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup HTML5 Video Player lbg-vp2-html5-bottom allows Reflected XSS.This issue affects HTML5 Video Player: from n/a through = 5.3.5...

6.1CVSS5.3AI score0.0018EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/22 4:51 p.m.3 views

CVE-2025-27005 WordPress HTML5 Video Player plugin <= 5.3.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup HTML5 Video Player lbg-vp2-html5-bottom allows Reflected XSS.This issue affects HTML5 Video Player: from n/a through = 5.3.5...

7.1CVSS5.9AI score0.0018EPSS
Exploits0References1
CVE
CVE
added 2026/01/22 4:51 p.m.12 views

CVE-2025-27005

CVE-2025-27005 refers to a Reflected XSS in LambertGroup HTML5 Video Player lbg-vp2-html5-bottom (WordPress plugin)

7.1CVSS5.4AI score0.0018EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.7 views

PT-2026-3960

Name of the Vulnerable Software and Affected Versions LambertGroup HTML5 Video Player with Playlist & Multiple Skins versions through 5.3.5 Description The software contains a flaw related to improper input handling during web page generation, leading to a Reflected Cross-site Scripting XSS...

5.3AI score0.00263EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.9 views

WordPress plugin lbg-vp2-html5-rightside has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

7.1CVSS5.7AI score0.00263EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.7 views

WordPress Plugin HTML5 Video Player Cross-Site Script Vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. The WordPre...

7.1CVSS5.7AI score0.0018EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.5 views

MiracleLinux 8 : python-lxml-4.2.3-3.el8 (AXSA:2021-2726:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2021-2726:02 advisory. python-lxml: Missing input sanitization for formaction HTML5 attributes may lead to XSS CVE-2021-28957 Tenable has extracted the preceding description block...

6.1CVSS8.3AI score0.04002EPSS
Exploits1References2
Patchstack
Patchstack
added 2026/01/08 1:13 p.m.8 views

WordPress HTML5 Video Player with Playlist & Multiple Skins plugin <= 5.3.5 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin HTML5 Video Player with Playlist & Multiple Skins versions = 5.3.5...

6.1CVSS6.1AI score0.00263EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2026/01/08 10:19 a.m.7 views

WordPress HTML5 Video Player plugin <= 5.3.5 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin HTML5 Video Player versions = 5.3.5...

6.1CVSS6.1AI score0.0018EPSS
Exploits0Affected Software1
Rows per page
Query Builder