36 matches found
EUVD-2023-35214
Malicious code in bioql PyPI...
CVE-2023-30874
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Steve Curtis, St. Pete Design Gps Plotter plugin = 5.1.4 versions...
CVE-2020-6332
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HPGL file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...
CVE-2023-30874
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Steve Curtis GPS Plotter gps-plotter allows DOM-Based XSS. This issue affects GPS Plotter: from n/a through = 5.4.0...
CVE-2023-30874 WordPress GPS Plotter plugin <= 5.4.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Steve Curtis GPS Plotter gps-plotter allows DOM-Based XSS. This issue affects GPS Plotter: from n/a through = 5.4.0...
CVE-2023-30874
CVE-2023-30874 corresponds to a Stored Cross-Site Scripting (XSS) vulnerability in the WordPress GPS Plotter plugin by St. Pete Design, affecting versions
WordPress plugin Gps Plotter cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...
pcv-plotter-shop.de Cross Site Scripting vulnerability OBB-3513090
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress GPS Plotter Plugin <= 5.3.0 is vulnerable to Cross Site Scripting (XSS)
Software GPS Plotter Type Plugin Vulnerable versions = 5.3.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-30874 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 5ee9803ff9b2 Credits Yuki Haruma Required privileg...
at.ac.ait.lablink.clients:csvclient (>=0.0.1 <=0.0.2), at.ac.ait.lablink.clients:dpbridge (>=0.0.1 <=0.0.3) +302 more potentially affected by CVE-2013-2027 via org.python:jython-standalone (>=2.5.2 <=2.7.2)
org.python:jython-standalone MAVEN version =2.5.2, =0.0.1, =0.0.1, =0.0.1, =0.0.2, =0.0.2, =0.0.1, =0.0.1, =0.1.0, =2.0.0, =2.0.0, =2.0.0, =2.0.0, =1.0.0, =1.0.0, =1.3.0, =2.1.2 and more Source cves: CVE-2013-2027 Source advisory: OSV:GHSA-9347-9W64-Q5WP...
CVE-2021-27588
When a user opens manipulated HPGL format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application...
SAP 3D Visual Enterprise Viewer security vulnerability
SAP 3D Visual Enterprise Viewer is a free 3D visualization viewer for Windows. A denial of service vulnerability exists in SAP 3D Visual Enterprise Viewer 9. The vulnerability stems from improper input validation. An attacker could exploit the vulnerability by means of a specially crafted HPGL...
SAP 3D Visual Enterprise Viewer Denial of Service Vulnerability (CNVD-2020-65555)
SAP 3D Visual Enterprise Viewer is a 3D view viewer from SAP, Germany. The software supports the publishing of 2D and 3D scenes in all industry-standard desktop applications and supports separate installation as a stand-alone executable and ActiveX space. A denial of service vulnerability exists ...
SAP 3D Visual Enterprise Viewer Input Validation Error Vulnerability (CNVD-2020-53156)
SAP 3D Visual Enterprise Viewer is a free 3D visualization viewer for Windows. An input validation error vulnerability exists in SAP 3D Visual Enterprise Viewer 9, which can be exploited by an attacker to cause an application crash via a specially crafted HPGL file...
CVE-2020-6335
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HPGL file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...
CVE-2020-6331
SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HPGL file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...
Command Injection in plotter
All versions of plotter are vulnerable to Command Injection. The package fails to sanitize plot titles, which may allow attackers to execute arbitrary code in the system if the title value is supplied by a user. The following proof-of-concept creates a testing file in the current directory: var...