SUSE CVE-2024-26742

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disablemanagedinterrupts Correct blk-mq registration issue with module parameter disablemanagedinterrupts enabled. When we turn off the default PCIIRQAFFINITY flag, the driver needs to register with blk-mq usi...

CVE-2024-26742

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disablemanagedinterrupts Correct blk-mq registration issue with module parameter disablemanagedinterrupts enabled. When we turn off the default PCIIRQAFFINITY flag, the driver needs to register with blk-mq usi...

CVE-2024-26742

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disablemanagedinterrupts Correct blk-mq registration issue with module parameter disablemanagedinterrupts enabled. When we turn off the default PCIIRQAFFINITY flag, the driver needs to register with blk-mq usi...

CVE-2023-43709

Os Commerce is currently susceptible to a Cross-Site Scripting XSS vulnerability. This vulnerability allows attackers to inject JS through the "configurationtitle1" parameter, potentially leading to unauthorized execution of scripts within a user's web browser...

CVE-2022-45051

A reflected XSS vulnerability has been found in Axiell Iguana CMS, allowing an attacker to execute code in a victim's browser. The module parameter on the Service.template.cls endpoint does not properly neutralise user input, resulting in the vulnerability...

PT-2023-14579 · Axiell · Axiell Iguana Cms

Name of the Vulnerable Software and Affected Versions: Axiell Iguana CMS affected versions not specified Description: A reflected XSS issue has been found, allowing an attacker to execute code in a victim's browser. The module parameter on the "Service.template.cls" endpoint does not properly...

CVE-2022-45182

Pi-StarDVDash for Pi-Star DV before 5aa194d mishandles the module parameter...

CVE-2022-45182

Pi-Star DV Dash (Pi-Star DV) is affected by CVE-2022-45182 in all versions prior to 5aa194d due to mishandling of the module parameter. The CVE metadata indicates a CRITICAL impact (C/H/I/A) with network attack vector and no user interaction required. Public references in the initial and connecte...

CVE-2022-45182

Pi-StarDVDash for Pi-Star DV before 5aa194d mishandles the module parameter...

PT-2022-27418 · Unknown · Pi-Star Dv Dash

Name of the Vulnerable Software and Affected Versions: Pi-Star DV Dash for Pi-Star DV versions prior to 5aa194d Description: The issue concerns the mishandling of the module parameter. Recommendations: For versions prior to 5aa194d, update to a version that includes the fix for the mishandling of...

TYPO3 Backend component Cross-site scripting (XSS) vulnerability

Cross-site scripting XSS vulnerability in the Backend component in TYPO3 6.2.x before 6.2.19 allows remote attackers to inject arbitrary web script or HTML via the module parameter when creating a bookmark...

CVE-2021-27309

Clansphere CMS 2011.4 allows unauthenticated reflected XSS via "module" parameter...

CVE-2021-27309

Clansphere CMS 2011.4 allows unauthenticated reflected XSS via "module" parameter...

CVE-2021-27309

Clansphere CMS 2011.4 allows unauthenticated reflected XSS via "module" parameter...

ONAP SDNC Operating System Command Injection Vulnerability (CNVD-2020-28483)

The ONAP SDNC is a network-defined network controller from the ONAP program. ONAP SDNC suffers from an operating system command injection vulnerability. The vulnerability can be exploited to execute arbitrary commands with the help of a specially crafted 'module' parameter...

PT-2019-15803 · Zoho · Zoho Crm Lead Magnet Plugin

Name of the Vulnerable Software and Affected Versions: Zoho CRM Lead Magnet plugin version 1.6.9.1 Description: The issue allows for XSS attacks. This can be achieved via the module, EditShortcode, or LayoutName. Recommendations: For Zoho CRM Lead Magnet plugin version 1.6.9.1, update to a newer...

PT-2018-3687 · Centos · Centos Web Panel

Name of the Vulnerable Software and Affected Versions: CentOS Web Panel versions 0.9.8.740 and earlier Description: The issue is related to the failure to protect the web page structure, which can be exploited by a remote attacker to impact the confidentiality and integrity of protected...

Metinfo Remote Code Execution Vulnerability

MetInfo is a content management system CMS developed using PHP and Mysql by China Mito Information Technology Ltd. A security vulnerability exists in Metinfo version 6.0.0. A remote attacker can exploit the vulnerability by sending the 'module' parameter to the admin/column/save.php file to write...

CVE-2018-13024

Metinfo v6.0.0 allows remote attackers to write code into a .php file, and execute that code, via the module parameter to admin/column/save.php in an editor upload action...

CVE-2018-13024

Metinfo v6.0.0 allows remote attackers to write code into a .php file, and execute that code, via the module parameter to admin/column/save.php in an editor upload action...