CVE-2015-10100

A vulnerability, which was classified as critical, has been found in Dynamic Widgets Plugin up to 1.5.10 on WordPress. This issue affects some unknown processing of the file classes/dynwidclass.php. The manipulation leads to sql injection. The attack may be initiated remotely. Upgrading to versio...

Sql injection

A vulnerability, which was classified as critical, has been found in Dynamic Widgets Plugin up to 1.5.10 on WordPress. This issue affects some unknown processing of the file classes/dynwidclass.php. The manipulation leads to sql injection. The attack may be initiated remotely. Upgrading to versio...

Cross site scripting

A vulnerability was found in Fancy Gallery Plugin 1.5.12 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file class.options.php of the component Options Page. The manipulation leads to cross site scripting. The attack can be...

CVE-2012-10010

A vulnerability was found in BestWebSoft Contact Form 3.21. It has been classified as problematic. This affects the function cntctfrmsettingspage of the file contactform.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version...

CVE-2012-10010 BestWebSoft Contact Form contact_form.php cntctfrm_settings_page cross-site request forgery

A vulnerability was found in BestWebSoft Contact Form 3.21. It has been classified as problematic. This affects the function cntctfrmsettingspage of the file contactform.php. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. Upgrading to version...

CVE-2015-10098

A vulnerability was found in Broken Link Checker Plugin up to 1.10.5 on WordPress. It has been rated as problematic. Affected by this issue is the function printmodulelist/showwarningssectionnotice/statustext/uigetactionlinks. The manipulation leads to cross site scripting. The attack may be...

DEBIAN-CVE-2023-1249

A use-after-free flaw was found in the Linux kernel’s core dump subsystem. This flaw allows a local user to crash the system. Only if patch 390031c94211 "coredump: Use the vma snapshot in fillfilesnote" not applied yet, then kernel could be affected...

CVE-2013-10020

A vulnerability, which was classified as problematic, was found in MMDeveloper A Forms Plugin up to 1.4.2 on WordPress. This affects an unknown part of the file a-forms.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.4.3 ...

CVE-2013-10020 MMDeveloper A Forms Plugin a-forms.php cross site scripting

A vulnerability, which was classified as problematic, was found in MMDeveloper A Forms Plugin up to 1.4.2 on WordPress. This affects an unknown part of the file a-forms.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.4.3 ...

CVE-2015-10093

A vulnerability was found in Mark User as Spammer Plugin 1.0.0/1.0.1 on WordPress. It has been declared as problematic. Affected by this vulnerability is the function userrowactions of the file plugin/plugin.php. The manipulation of the argument url leads to cross site scripting. The attack can b...

CVE-2015-10091

A vulnerability has been found in ByWater Solutions bywater-koha-xslt and classified as critical. This vulnerability affects the function StringSearch of the file admin/systempreferences.pl. The manipulation of the argument name leads to sql injection. The attack can be initiated remotely...

CVE-2022-4928 icplayer presenter.js AddonText_Selection_create cross site scripting

A vulnerability was found in icplayer up to 0.819. It has been declared as problematic. Affected by this vulnerability is the function AddonTextSelectioncreate of the file addons/TextSelection/src/presenter.js. The manipulation leads to cross site scripting. The attack can be launched remotely...

CVE-2020-36665

A vulnerability was found in Artesãos SEOTools up to 0.17.1 and classified as critical. This issue affects the function eachValue of the file TwitterCards.php. The manipulation of the argument value leads to open redirect. Upgrading to version 0.17.2 is able to address this issue. The identifier ...

PT-2023-11363 · Dro.Pm · Dro.Pm

Name of the Vulnerable Software and Affected Versions: dro.pm affected versions not specified Description: A problematic issue was found in dro.pm, affecting an unknown part of the file web/fileman.php. The manipulation of the secret/key argument leads to cross-site scripting. It is possible to...

Cross site scripting

A vulnerability, which was classified as problematic, has been found in NHN TOAST UI Chart 4.1.4. This issue affects some unknown processing of the component Legend Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 4.2.0 is able to...

SUSE CVE-2022-3559

A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this...

SUSE CVE-2022-3970

A vulnerability was found in LibTIFF. It has been classified as critical. This affects the function TIFFReadRGBATileExt of the file libtiff/tifgetimage.c. The manipulation leads to integer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and m...

SUSE CVE-2022-4065

A vulnerability was found in cbeust testng 7.5.0/7.6.0/7.6.1/7.7.0. It has been declared as critical. Affected by this vulnerability is the function testngXmlExistsInJar of the file testng-core/src/main/java/org/testng/JarFileUtils.java of the component XML File Parser. The manipulation leads to...

CVE-2022-4905

A vulnerability was found in UDX Stateless Media Plugin 3.1.1 on WordPress. It has been declared as problematic. This vulnerability affects the function setupwizardinterface of the file lib/classes/class-settings.php. The manipulation of the argument settings leads to cross site scripting. The...

CVE-2015-10078

A vulnerability, which was classified as problematic, has been found in atwellpub Resend Welcome Email Plugin 1.0.1 on WordPress. This issue affects the function sendwelcomeemailurl of the file resend-welcome-email.php. The manipulation leads to cross site scripting. The attack may be initiated...