25 matches found
WWBN AVideo: Unauthenticated Reflected XSS via $_GET['search'] in AVideo YouTubeAPI Gallery Pagination
Unauthenticated Reflected XSS via $GET'search' in AVideo YouTubeAPI Gallery Pagination Summary A reflected Cross-Site Scripting vulnerability CWE-79 in the AVideo YouTubeAPI plugin allows any unauthenticated attacker to execute arbitrary JavaScript in a victim's browser session when the victim...
CVE-2025-14477 404 Solution <= 3.1.0 - Authenticated (Admin+) SQL Injection via 'filterText' Parameter
The 404 Solution plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 3.1.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This is due to improper sanitization of the filterText paramet...
EUVD-2017-0195
Malware in sbrugna...
EUVD-2020-0441
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-11082
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Kaminari before 1.2.1, there is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links. This has been fixed i...
CVE-2020-11082
In Kaminari before 1.2.1, there is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links. This has been fixed in 1.2.1...
OPENSUSE-SU-2023:0058-1 Security update for phpMyAdmin
This update for phpMyAdmin fixes the following issues: Update to 4.9.11: Fix an XSS attack through the drag-and-drop upload feature PMASA-2023-01, CWE-661, boo1208186, CVE-2023-25727 Fix broken pagination links in the navigation sidebar Fix syntax error for PHP 5 Fix hideconnectionerrors being...
SUSE CVE-2013-6459
Cross-site scripting XSS vulnerability in the willpaginate gem before 3.0.5 for Ruby allows remote attackers to inject arbitrary web script or HTML via vectors involving generated pagination links...
Cross-site Scripting (XSS)
kaminari-core is vulnerable to cross-site scripting XSS. The attack is possible because of an incomplete GET param black-listing, allowing an attacker to inject and execute arbitrary Javascript via the originalscriptname parameter when a user visits pages containing pagination links...
CVE-2020-11082
In Kaminari before 1.2.1, there is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links. This has been fixed in 1.2.1...
DEBIAN-CVE-2020-11082
In Kaminari before 1.2.1, there is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links. This has been fixed in 1.2.1...
CVE-2020-11082 Cross-Site Scripting in Kaminari
In Kaminari before 1.2.1, there is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links. This has been fixed in 1.2.1...
Cross-site Scripting (XSS)
Overview kaminari is a Scope & Engine based, clean, powerful, agnostic, customizable and sophisticated paginator for Rails 4+. Affected versions of this package are vulnerable to Cross-site Scripting XSS. An attacker can inject arbitrary code into pages with pagination links. PoC For example, an...
GHSA-8R6H-7X9G-XMW9 will_paginate Cross-site Scripting vulnerability
Cross-site scripting XSS vulnerability in the willpaginate gem before 3.0.5 for Ruby allows remote attackers to inject arbitrary web script or HTML via vectors involving generated pagination links...
will_paginate Cross-site Scripting vulnerability
Cross-site scripting XSS vulnerability in the willpaginate gem before 3.0.5 for Ruby allows remote attackers to inject arbitrary web script or HTML via vectors involving generated pagination links...
Updated ruby-will_paginate package fixes CVE-2013-6459
Updated ruby-willpaginate packages fix security vulnerability: Cross-Site Scripting XSS vulnerabilities were found in willpaginate gem for Ruby, where certain input related to generated pagination links were not properly sanitised before being returned. This could be exploited to execute arbitrar...
CVE-2013-6459
Cross-site scripting XSS vulnerability in the willpaginate gem before 3.0.5 for Ruby allows remote attackers to inject arbitrary web script or HTML via vectors involving generated pagination links...
DEBIAN-CVE-2013-6459
Cross-site scripting XSS vulnerability in the willpaginate gem before 3.0.5 for Ruby allows remote attackers to inject arbitrary web script or HTML via vectors involving generated pagination links...
CVE-2013-6459
Cross-site scripting XSS vulnerability in the willpaginate gem before 3.0.5 for Ruby allows remote attackers to inject arbitrary web script or HTML via vectors involving generated pagination links...
Cross site scripting
Cross-site scripting XSS vulnerability in the willpaginate gem before 3.0.5 for Ruby allows remote attackers to inject arbitrary web script or HTML via vectors involving generated pagination links...