25 matches found
EUVD-2026-5854
In the Linux kernel, the following vulnerability has been resolved: ceph: fix NULL pointer dereference in cephmdsauthmatch The CephFS kernel client has regression starting from 6.18-rc1. We have issue in cephmdsauthmatch if fsname == NULL: const char fsname = mdsc-fsc-mountoptions-mdsnamespace;...
CVE-2025-34259 Advantech WISE-DeviceOn Server < 5.4 Authenticated Stored XSS via devicemap/building
Advantech WISE-DeviceOn Server versions prior to 5.4 contain a stored cross-site scripting XSS vulnerability in the /rmm/v1/devicemap/building endpoint. When an authenticated user creates a map entry, the name parameter is stored and later rendered in the map list UI without HTML sanitzation. An...
EUVD-2021-11295
Malware in sbrugna...
EUVD-2007-4362
Malware in sbrugna...
EUVD-2017-7350
Malware in sbrugna...
CVE-2021-24383
The WP Google Maps WordPress plugin before 8.1.12 did not sanitise, validate of escape the Map Name when output in the Map List of the admin dashboard, leading to an authenticated Stored Cross-Site Scripting issue...
WordPress Plugin WP Project Manager Permission License and Access Control Issues Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A permission permission and...
PT-2023-14665 · Artica · Artica Pandora Fms
Name of the Vulnerable Software and Affected Versions: Artica PFMS Pandora FMS version v765 Description: The issue allows Cross-Site Scripting XSS due to improper neutralization of input during web page generation. As a manager privilege user, an attacker can create a network map containing a...
CVE-2021-46676 Vulnerability XSS in Transaction Map name field
A XSS vulnerability exist in Pandora FMS version 756 and below, that allows an attacker to perform javascript code executions via the transactional maps name field...
CVE-2021-24383
The WP Google Maps WordPress plugin before 8.1.12 did not sanitise, validate of escape the Map Name when output in the Map List of the admin dashboard, leading to an authenticated Stored Cross-Site Scripting issue...
PT-2021-15916 · Unknown · Wp Google Maps
Name of the Vulnerable Software and Affected Versions: WP Google Maps versions prior to 8.1.12 Description: The issue is related to an authenticated Stored Cross-Site Scripting problem. It occurs because the Map Name is not properly sanitised, validated, or escaped when it is output in the Map Li...
Artica Pandora FMS Cross-Site Scripting Vulnerability
Artica Pandora FMS Flexible Monitoring System is a monitoring system from the Spanish company Artica. The system monitors networks, servers, virtual infrastructures, applications, etc. in a visual way. A cross-site scripting vulnerability exists in Artica Pandora FMS version 7.0. The vulnerabilit...
CVE-2017-15934
Artica Pandora FMS version 7.0 is vulnerable to stored Cross-Site Scripting in the map name parameter...
CVE-2017-15934
Artica Pandora FMS version 7.0 is vulnerable to stored Cross-Site Scripting in the map name parameter...
Cross site scripting
Artica Pandora FMS version 7.0 is vulnerable to stored Cross-Site Scripting in the map name parameter...
CVE-2017-15934
Artica Pandora FMS 7.0 is affected by a stored Cross-Site Scripting vulnerability in the map name parameter. According to CNVD-2017-36182, remote attackers can inject arbitrary script/HTML via the map name, enabling stored XSS. The CVE entry confirms a stored XSS issue but does not provide exploi...
WordPress Easy2Map plugin SQL injection vulnerability
WordPress is the WordPress Software Foundation a set of blogging platform developed using the PHP language, the platform supports in PHP and MySQL servers to set up a personal blog site. easy2Map is one of the plug-ins to support the creation of customized Google maps . WordPress Easy2Map plugin...
CVE-2014-1826
Cross-site scripting XSS vulnerability in the iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to inject arbitrary web script or HTML via a crafted map name...
Cross site scripting
Cross-site scripting XSS vulnerability in the iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to inject arbitrary web script or HTML via a crafted map name...
CVE-2014-1826
Cross-site scripting XSS vulnerability in the iThoughtsHD app 4.19 for iOS on iPad devices, when the WiFi Transfer feature is used, allows remote attackers to inject arbitrary web script or HTML via a crafted map name...