17 matches found
CVE-2026-6255
The Simple Owl Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'num' attribute of the 'owlswrapper' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
EUVD-2026-27199
The Simple Owl Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'num' attribute of the 'owlswrapper' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2026-6255
The Simple Owl Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'num' attribute of the 'owlswrapper' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2026-6255
The Simple Owl Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'num' attribute of the 'owlswrapper' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2026-6255 Simple Owl Shortcodes <= 2.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'num' Shortcode Attribute
The Simple Owl Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'num' attribute of the 'owlswrapper' shortcode in all versions up to, and including, 2.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
PT-2026-36956
Name of the Vulnerable Software and Affected Versions Simple Owl Shortcodes versions prior to 2.1.2 Description The Simple Owl Shortcodes plugin for WordPress contains a Stored Cross-Site Scripting issue. This occurs due to insufficient input sanitization and output escaping of user-supplied...
EUVD-2004-0302
Malware in sbrugna...
Cute Owls Emoji Keyboard Theme - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities
HackApp vulnerability scanner discovered that application Cute Owls Emoji Keyboard Theme published at the 'play' market has multiple vulnerabilities...
Christmas Owls Keyboard Theme - Dangerous filesystem permissions, WebView code execution vulnerabilities
HackApp vulnerability scanner discovered that application Christmas Owls Keyboard Theme published at the 'play' market has multiple vulnerabilities...
CVE-2004-0303
OWLS 1.0 allows remote attackers to retrieve arbitrary files via absolute pathnames in 1 the file parameter in /glossaries/index.php, 2 the filename parameter in /readings/index.php, or 3 the filename parameter in /multiplechoice/resultsignore.php, as demonstrated using /etc/passwd...
CVE-2004-0302
Directory traversal vulnerability in OWLS 1.0 allows remote attackers to read arbitrary files via a .. dot dot in the 1 file parameter in index.php, 2 editfile in glossary.php, or 3 editfile in newmultiplechoice.php...
CVE-2004-0303
OWLS 1.0 allows remote attackers to retrieve arbitrary files via absolute pathnames in 1 the file parameter in /glossaries/index.php, 2 the filename parameter in /readings/index.php, or 3 the filename parameter in /multiplechoice/resultsignore.php, as demonstrated using /etc/passwd...
CVE-2004-0302
Directory traversal vulnerability in OWLS 1.0 allows remote attackers to read arbitrary files via a .. dot dot in the 1 file parameter in index.php, 2 editfile in glossary.php, or 3 editfile in newmultiplechoice.php...
CVE-2004-0303
Summary: OWLS 1.0 in OWL's Workshop is vulnerable to a remote file disclosure. An attacker can cause the application to disclose arbitrary files by supplying absolute pathnames through specific parameters: the file parameter in /glossaries/index.php, the filename parameter in /readings/index.php,...
CVE-2004-0302
CVE-2004-0302 describes a directory traversal vulnerability in OWLS 1.0, where remote attackers could read arbitrary files by manipulating the .. (dot dot) in parameters of index.php (file), glossary.php (editfile), or newmultiplechoice.php (editfile). The issue is documented across multiple sour...
ZH2004-08SA.txt
ZH2004-08SA security advisory: OWLS 1.0 Remote arbitrary files retrieving Discovered: 05 january 2004 Vendor contacted: 07 january 2004 Published: 18 february 2004 Name: OWLS Affected Systems: 1.0 Issue: Remote file retrieving Author: G00db0y from Zone-h Security Labs - [email protected] -...
[UNIX] OWLS Remote Arbitrary Files Disclosure
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...