EUVD-2024-42695

Malicious code in bioql PyPI...

CVE-2024-47808

A vulnerability has been identified in SINEC NMS All versions V3.0 SP1. The affected application contains a database function, that does not properly restrict the permissions of users to write to the filesystem of the host system. This could allow an authenticated medium-privileged attacker to...

CVE-2024-47808

A vulnerability has been identified in SINEC NMS All versions V3.0 SP1. The affected application contains a database function, that does not properly restrict the permissions of users to write to the filesystem of the host system. This could allow an authenticated medium-privileged attacker to...

CVE-2024-47808

A vulnerability has been identified in SINEC NMS All versions V3.0 SP1. The affected application contains a database function, that does not properly restrict the permissions of users to write to the filesystem of the host system. This could allow an authenticated medium-privileged attacker to...

CVE-2024-47808

CVE-2024-47808 affects Siemens SINEC NMS (all versions

CVE-2024-47808

A vulnerability has been identified in SINEC NMS All versions V3.0 SP1. The affected application contains a database function, that does not properly restrict the permissions of users to write to the filesystem of the host system. This could allow an authenticated medium-privileged attacker to...

CVE-2021-24128

Unvalidated input and lack of output encoding in the Team Members WordPress plugin, versions before 5.0.4, lead to Cross-site scripting vulnerabilities allowing medium-privileged authenticated attacker contributor+ to inject arbitrary web script or HTML via the 'Description/biography' of a member...

Cross site scripting

Unvalidated input and lack of output encoding in the Team Members WordPress plugin, versions before 5.0.4, lead to Cross-site scripting vulnerabilities allowing medium-privileged authenticated attacker contributor+ to inject arbitrary web script or HTML via the 'Description/biography' of a member...

CVE-2021-24128 Team Members < 5.0.4 - Authenticated Stored Cross-Site Scripting (XSS)

Unvalidated input and lack of output encoding in the Team Members WordPress plugin, versions before 5.0.4, lead to Cross-site scripting vulnerabilities allowing medium-privileged authenticated attacker contributor+ to inject arbitrary web script or HTML via the 'Description/biography' of a member...

Testimonials Widget < 4.0.0 - Multiple Authenticated Stored XSS

Multiple cross-site scripting vulnerabilities in Testimonials Widget 3.5.1 and lower allow remote attackers to inject arbitrary Javascript code or HTML via the below parameters: - Author - Job Title - Location - Company - Email - URL Successful exploitation of this vulnerability would allow...

Testimonial Rotator < 3.0.3 - Authenticated Stored Cross-Site Scripting (XSS)

A Stored XSS vulnerability has been found in the 'Author Information' textarea in testimonials from the plugin, which could allow an authenticated medium-privileged user contributor+ to inject arbitrary JavaScript. The XSS will be triggered for anyone visiting public posts or testimonial page...

Microsoft Windows Error Reporting Manager Improper Access Control Privilege Escalation Vulnerability

This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Microsoft Windows. An attacker must first obtain the ability to execute medium-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Windows...

WebTitan v 3.62 - Multiple Cross Site Vulnerabilities

Document Title: =============== WebTitan v 3.62 - Multiple Cross Site Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=589 Release Date: ============= 2012-06-19 Vulnerability Laboratory ID VL-ID: ==================================== 589...