27 matches found

Nuclei
added 14 hours ago, 7 views

NewsTicker <= 1.0 - Reflected Cross-Site Scripting

NewsTicker WordPress plugin v1.0 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute arbitrary scripts in the context of high privilege users, exploit requires attacker to craft a maliciou...

CVSS 6.1 | AI score 7.4 | EPSS 0.01725
Exploits: 1 | References: 2

EUVD
added 2025/10/07 12:30 a.m., 1 view

EUVD-2009-4673

Malware in sbrugna...

CVSS 7.5 | AI score 6.4 | EPSS 0.00366
Exploits: 0 | References: 4

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2024-53913

Malicious code in bioql PyPI...

CVSS 6.1 | AI score 9.2 | EPSS 0.01725
Exploits: 1 | References: 2

RedhatCVE
added 2025/05/21 8:42 p.m., 2 views

CVE-2009-4709

SQL injection vulnerability in the datamints Newsticker datamintsnewsticker extension before 0.7.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVSS 7.5 | AI score 8.9 | EPSS 0.00366
Exploits: 0 | References: 1

Patchstack
added 2025/02/26 10:12 p.m., 2 views

WordPress News List plugin <= 1.0 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin NewsTicker versions = 1.0...

CVSS 6.1 | AI score 6.4 | EPSS 0.01725
Exploits: 1 | References: 1 | Affected Software: 1

NVD
added 2025/02/26 1:15 p.m., 8 views

CVE-2024-13630

The NewsTicker WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVSS 6.1 | EPSS 0.01725
Exploits: 1 | References: 1

CVE
added 2025/02/26 6:0 a.m., 55 views

CVE-2024-13630

CVE-2024-13630 concerns the NewsTicker WordPress plugin (versions up to 1.0). The description in the initial document states that a parameter is not sanitised or escaped before being output to the page, enabling a Reflected Cross-Site Scripting that could affect high-privilege users (e.g., admins...

CVSS 6.1 | AI score 6.1 | EPSS 0.01725
Exploits: 1 | References: 1 | Affected Software: 1

Vulnrichment
added 2025/02/26 6:0 a.m., 9 views

CVE-2024-13630 News List <= 1.0 - Reflected XSS

The NewsTicker WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

AI score 6.1 | EPSS 0.01725
Exploits: 1 | References: 1

Cvelist
added 2025/02/26 6:0 a.m., 12 views

CVE-2024-13630 News List <= 1.0 - Reflected XSS

The NewsTicker WordPress plugin through 1.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

EPSS 0.01725
Exploits: 1 | References: 1

CNNVD
added 2025/02/26 12:0 a.m., 2 views

WordPress plugin NewsTicker cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

CVSS 6.1 | AI score 8.9 | EPSS 0.01725
Exploits: 1 | References: 2

Positive Technologies
added 2025/02/26 12:0 a.m., 2 views

PT-2025-8677

Name of the Vulnerable Software and Affected Versions: NewsTicker WordPress plugin version 1.0. Description: The issue is related to a Reflected Cross-Site Scripting problem, where a parameter is not properly sanitised and escaped before being outputted back in the page. This could be exploited...

CVSS 6.1 | AI score 8.1 | EPSS 0.01725
Exploits: 1 | References: 4

hackapp
added 2016/04/01 9:16 a.m., 7 views

Postillon Newsticker - Dynamic Code Loading, External URLs, SD-card access vulnerabilities

HackApp vulnerability scanner discovered that application Postillon Newsticker published at the 'play' market has multiple vulnerabilities...

AI score 0.4
Exploits: 0 | References: 1 | Affected Software: 1

Prion
added 2010/03/15 9:30 p.m., 11 views

Sql injection

SQL injection vulnerability in the datamints Newsticker datamintsnewsticker extension before 0.7.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVSS 7.5 | AI score 9.1 | EPSS 0.00366
Exploits: 0 | References: 2 | Affected Software: 1

NVD
added 2010/03/15 9:30 p.m., 6 views

CVE-2009-4709

SQL injection vulnerability in the datamints Newsticker datamintsnewsticker extension before 0.7.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

CVSS 7.5 | AI score 8.4 | EPSS 0.00366
Exploits: 0 | References: 2

CVE
added 2010/03/15 9:0 p.m., 38 views

CVE-2009-4709

CVE-2009-4709 affects the datamints Newsticker (datamints_newsticker) extension for TYPO3, vulnerable before version 0.7.2. The issue is an SQL injection allowing remote attackers to execute arbitrary SQL commands via unspecified vectors. NVD lists a base score of 7.5 (HIGH) with network access a...

CVSS 7.5 | AI score 8.7 | EPSS 0.00366
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2010/03/15 9:0 p.m., 11 views

CVE-2009-4709

SQL injection vulnerability in the datamints Newsticker datamintsnewsticker extension before 0.7.2 for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors...

AI score 8.4 | EPSS 0.00366
Exploits: 0 | References: 2

OpenVAS
added 2008/01/17 12:0 a.m., 18 views

Debian Security Advisory DSA 294-1 (gkrellm-newsticker)

The remote host is missing an update to gkrellm-newsticker announced via advisory DSA 294-1. OpenVAS Vulnerability Test $Id: deb2941.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 294-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

CVSS 7.5 | AI score 0.9 | EPSS 0.00904
Exploits: 0

OpenVAS
added 2008/01/17 12:0 a.m., 13 views

Debian: Security Advisory (DSA-294)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 7.2 | EPSS 0.00904
Exploits: 0 | References: 3

Packet Storm
added 2007/09/26 12:0 a.m., 50 views

simpnews24103-xss.txt

netVigilance Security Advisory 70 SimpNews version 2.41.03 Multiple XSS Attack Vulnerabilities Description: SimpNews is a news system written in PHP. Features: Data stored in MySQL, admin interface, support for multiple languages, support for multiple instances in one database, own header, multip...

CVSS 4.3 | AI score 6.7 | EPSS 0.04929
Exploits: 1

seebug.org
added 2006/12/05 12:0 a.m., 17 views

NEWSolved Lite v1.9.2 (abs_path) Remote File Inclusion Vulnerabilities

No description provided by source. NEWSolved Lite v1.9.2 abspath Remote File Inclusion. Affected Software: NEWSolved Lite v1.9.2 maybe above...

AI score 7.1
Exploits: 0