EUVD-2024-45430

Malicious code in bioql PyPI...

CVE-2024-51594

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rafel.sanso Gmap Point List gmap-point-list allows Stored XSS.This issue affects Gmap Point List: from n/a through = 1.1.2...

CVE-2023-34141

A command injection vulnerability in the access point AP management feature of the Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50W series firmware versions 5.00 through 5.36 Patch 2, USG20W-VPN series firmware...

CVE-2024-51594

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Rafel Sansó Gmap Point List allows Stored XSS.This issue affects Gmap Point List: from n/a through 1.1.2...

CVE-2024-51594

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rafel.sanso Gmap Point List gmap-point-list allows Stored XSS.This issue affects Gmap Point List: from n/a through = 1.1.2...

CVE-2024-51594 WordPress Gmap Point List plugin <= 1.1.2 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rafel.sanso Gmap Point List gmap-point-list allows Stored XSS.This issue affects Gmap Point List: from n/a through = 1.1.2...

CVE-2024-51594

CVE-2024-51594 — WordPress Gmap Point List plugin stored XSS (CWE: improper input neutralization) Affected: WordPress Gmap Point List plugin versions ≤ 1.1.2.Root cause: Improper neutralization of input during web page generation leading to stored XSS.Impact: Stored cross-site scripting vulnerabi...

PT-2024-34737 · Unknown · Gmap Point List

Name of the Vulnerable Software and Affected Versions: Gmap Point List versions 1.1.2 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks. Recommendations: For...

WordPress plugin Gmap Point List 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...

WordPress Gmap Point List plugin <= 1.1.2 - Stored Cross Site Scripting (XSS) vulnerability

Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Gmap Point List versions = 1.1.2...

WordPress Gmap Point List Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS)

Software Gmap Point List Type Plugin Vulnerable versions = 1.1.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51594 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0634a94ad55d Credits SOPROBRO Required privilege Contributor...

CVE-2023-40921

SQL Injection vulnerability in functions/pointlist.php in Common Services soliberte before v4.3.03 allows attackers to obtain sensitive information via the lat and lng parameters...

CVE-2023-40921

SQL Injection vulnerability in functions/pointlist.php in Common Services soliberte before v4.3.03 allows attackers to obtain sensitive information via the lat and lng parameters...

Common Services soliberte security vulnerability

Common Services soliberte is a web module. A security vulnerability exists in Common Services soliberte versions prior to v4.3.03, which stems from a SQL injection vulnerability in the file functions/pointlist.php...

PT-2023-27701 · Unknown · Common Services Soliberte

Name of the Vulnerable Software and Affected Versions: Common Services soliberte versions prior to 4.3.03 Description: The issue allows attackers to obtain sensitive information via the lat and lng parameters in the functions/point list.php file. This is a SQL Injection vulnerability, which means...

CVE-2023-34141

A command injection vulnerability in the access point AP management feature of the Zyxel ATP series firmware versions 5.00 through 5.36 Patch 2, USG FLEX series firmware versions 5.00 through 5.36 Patch 2, USG FLEX 50W series firmware versions 5.00 through 5.36 Patch 2, USG20W-VPN series firmware...

SUSE CVE-2009-0945

Array index error in the insertItemBefore method in WebKit, as used in Apple Safari before 3.2.3 and 4 Public Beta, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome Stable before 1.0.154.65, and possibly other products allows remote attackers to execute...

SUSE CVE-2011-2363

Use-after-free vulnerability in the nsSVGPointList::AppendElement function in the implementation of SVG element lists in Mozilla Firefox before 3.6.18, Thunderbird before 3.1.11, and SeaMonkey through 2.0.14 allows remote attackers to cause a denial of service application crash or possibly execut...

CVE-2018-15583

Cross-Site Scripting XSS vulnerability in pointlist.php in GNUBOARD5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML via the popup title parameter...

PT-2019-9129 · Gnuboard · Gnuboard5

Name of the Vulnerable Software and Affected Versions: GNUBOARD5 versions prior to 5.3.1.6 Description: The issue allows remote attackers to inject arbitrary web script or HTML via the popup title parameter in the point list.php file. This enables attackers to perform Cross-Site Scripting XSS...