CVE-2022-50533 wifi: mac80211: mlme: fix null-ptr deref on failed assoc

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: mlme: fix null-ptr deref on failed assoc If association to an AP without a link 0 fails, then we crash in tracing because it assumes that either apmldaddr or link 0 BSS is valid, since we clear sdata-vif.validlink...

CVE-2025-22388

An issue was discovered in Optimizely EPiServer.CMS.Core before 12.22.0. A high-severity Stored Cross-Site Scripting XSS vulnerability exists in the CMS, allowing malicious actors to inject and execute arbitrary JavaScript code, potentially compromising user data, escalating privileges, or...

kernel: wifi: cfg80211: clear link ID from bitmap during link delete after clean up

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: clear link ID from bitmap during link delete after clean up Currently, during link deletion, the link ID is first removed from the validlinks bitmap before performing any clean-up operations. However, some functio...

CVE-2024-13556

The Affiliate Links: WordPress Plugin for Link Cloaking and Link Management plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.0.1 via deserialization of untrusted input from an file export. This makes it possible for unauthenticated attackers to...

CVE-2024-13556 Affiliate Links: WordPress Plugin for Link Cloaking and Link Management <= 3.0.1 - Missing Authorization to Unauthenticated Import/Export and PHP Object Injection

The Affiliate Links: WordPress Plugin for Link Cloaking and Link Management plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.0.1 via deserialization of untrusted input from an file export. This makes it possible for unauthenticated attackers to...

CVE-2025-22388

An issue was discovered in Optimizely EPiServer.CMS.Core before 12.22.0. A high-severity Stored Cross-Site Scripting XSS vulnerability exists in the CMS, allowing malicious actors to inject and execute arbitrary JavaScript code, potentially compromising user data, escalating privileges, or...

CVE-2025-22388

Optimizely EPiServer.CMS.Core prior to version 12.22.0 contains a Stored Cross-Site Scripting (XSS) vulnerability in the CMS, affecting areas such as content editing, link management, and file uploads. The issue allows an attacker to inject and execute arbitrary JavaScript, which could compromise...

CVE-2020-6632

In PrestaShop 1.7.6.2, XSS can occur during addition or removal of a QuickAccess link. This is related to AdminQuickAccessesController.php, themes/default/template/header.tpl, and themes/new-theme/js/header.js...

CVE-2019-16659

TuziCMS 2.0.6 has index.php/manage/link/doadd CSRF...

[SECURITY] Fedora 29 Update: drupal7-link-1.6-1.fc29

The link module can be count to the top 50 modules in Drupal installations and provides a standard custom content field for links. With this module links can be added easily to any content types and profiles and include advanced validating and different ways of storing internal or external links...

YXcms backend has multiple SQL injection vulnerabilities

Yxcms is an enterprise building system based on PHP and mysql technology. YXcms V1.4.7 SQL injection vulnerability exists in the background label management and link management. The vulnerability stems from the program does not effectively filter the parameters, the attacker can use the...

LibreOffice -- Remote arbitrary file disclosure vulnerability via WEBSERVICE formula

LibreOffice reports: LibreOffice Calc supports a WEBSERVICE function to obtain data by URL. Vulnerable versions of LibreOffice allow WEBSERVICE to take a local file URL e.g file:// which can be used to inject local files into the spreadsheet without warning the user. Subsequent formulas can opera...

SUSE-SU-2015:1073-1 Security update for java-1_7_0-ibm

This update fixes the following security issues: - Version bump to 7.1-3.0 release bnc930365 CVE-2015-0192 CVE-2015-2808 CVE-2015-1914 CVE-2015-0138 - Fix removeing links before update-alternatives run. bnc931702 - Fix bnc912434, javaws/plugin stuff should slave plugin update-alternatives - Fix...

php weby directory software 1.2 - Multiple Vulnerabilities

No description provided by source. =========================================== Vulnerable Software: PHP Weby directory software version 1.2 Vendor: http://phpweby.com Download: htp://phpweby.com/down/phpwebydirectory.zip Vuln: Blind SQL injection && CSRF Dork: intext:Powered by PHP weby software...

PHP weby directory software 1.2 - Multiple Vulnerabilities

=========================================== Vulnerable Software: PHP Weby directory software version 1.2 Vendor: http://phpweby.com Download: htp://phpweby.com/down/phpwebydirectory.zip Vuln: Blind SQL injection && CSRF Dork: intext:Powered by PHP weby software...

PHP weby directory software 1.2 - Multiple Vulnerabilities

PHP weby directory software 1.2 - Multiple Vulnerabilities =========================================== Vulnerable Software: PHP Weby directory software version 1.2 Vendor: http://phpweby.com Download: htp://phpweby.com/down/phpwebydirectory.zip Vuln: Blind SQL injection && CSRF Dork: intext:Power...

PHP Weby Directory Software 1.2 SQL Injection / Cross Site Request Forgery

=========================================== Vulnerable Software: PHP Weby directory software version 1.2 Vendor: http://phpweby.com Download: htp://phpweby.com/down/phpwebydirectory.zip Vuln: Blind SQL injection && CSRF Dork: intext:Powered by PHP weby software...

Splink SQL injection vulnnerability

Exploit for php platform in category web applications Exploit Title: Splink SQL injection Date: 06-04-2012 Author: Hacker-Fire Category:: webapps Google dork: inurl: Splink Tested on: Windows 7 Script describe: SPlink, the famous Japanese a PHP link management system. P0c : 1, repeat the...

NO. 0 0 1 school website management system Build 1 1 0 6 2 8 injection vulnerability-vulnerability warning-the black bar safety net

NO. 0 0 1 school website management system modules: 1. Administrator information:website basic information setting, the principal mailbox, etc., database backup,user management, departments and permissions management, etc. 2. School profile:the level of classification, you can add a campus...

Kostenloses Linkmanagementscript SQL Injection Vulnerabilities

...::::Kostenloses Linkmanagementscript SQL Injection Vulnerabilities ::::... Virangar Security Team www.virangar.net -------- Discoverd By :virangar security teamhadihadi special tnx to:MR.nosrati,black.shadowes,MR.hesy,Zahra & all virangar members & all hackerz greetz:to my best friend in the...