CVE-2025-1929
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Risk Yazılım Teknolojileri Ltd. Şti. Reel Sektör Hazine ve Risk Yönetimi Yazılımı allows SQL Injection, CAPEC-7: Blind SQL Injection. This issue affects Reel Sektör Hazine ve Risk Yönetimi...
EUVD-2025-25017
Malicious code in bioql PyPI...
CVE-2025-1929
CVE-2025-1929 concerns an SQL injection in Reel Sektör Hazine ve Risk Yönetimi Yazılımı (Risk Yazılım Teknolojileri Ltd. Şti.) through version 1.0.0.4. The issue is described as improper neutralization of special elements used in an SQL command, i.e., a blind SQL injection (CAPEC-7). Connected so...
CVE-2025-1929 SQLi in RiskTurk's Treasury Management Software
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Risk Yazılım Teknolojileri Ltd. Şti. Reel Sektör Hazine ve Risk Yönetimi Yazılımı allows SQL Injection, CAPEC-7: Blind SQL Injection. This issue affects Reel Sektör Hazine ve Risk Yönetimi...
Riskturk Reel Sektör Hazine ve Risk Yönetimi SQL Injection Vulnerability
Riskturk Reel Sektör Hazine ve Risk Yönetimi is a risk management software from the Turkish company Riskturk Reel. A SQL injection vulnerability exists in Riskturk Reel Sektör Hazine ve Risk Yönetimi 1.0.0.4 and earlier versions, which stems from improper handling of special elements and could le...
PT-2025-33479 · Unknown · Reel Sektör Hazine Ve Risk Yönetimi Yazılımı
Name of the Vulnerable Software and Affected Versions: Reel Sektör Hazine ve Risk Yönetimi Yazılımı versions through 1.0.0.4. Description: Improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability exists in Reel Sektör Hazine ve Risk Yönetimi Yazılımı, allowi...
CVE-2024-52492
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus Image horizontal reel scroll slideshow image-horizontal-reel-scroll-slideshow allows Stored XSS. This issue affects Image horizontal reel scroll slideshow: from n/a through <= 13.4...
CVE-2023-5428
The Image vertical reel scroll slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 9.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
CVE-2024-52492
CVE-2024-52492 details a Stored Cross-Site Scripting (XSS) flaw in the WordPress plugin Image horizontal reel scroll slideshow (versions
WordPress Image horizontal reel scroll slideshow plugin <= 13.4 - Stored Cross Site Scripting (XSS) vulnerability
Stored Cross Site Scripting (XSS) vulnerability discovered by UKO (Patchstack Alliance) in WordPress Plugin Image horizontal reel scroll slideshow (versions <= 13.4)...
WordPress Image horizontal reel scroll slideshow Plugin <= 13.4 is vulnerable to Cross Site Scripting (XSS)
Software: Image horizontal reel scroll slideshow; Type: Plugin; Vulnerable versions: <= 13.4; Fixed in: N/A; OWASP Top 10: A4: Insecure Design; Classification: Cross Site Scripting (XSS); CVE: CVE-2024-52492; Patch priority: Low; CVSS severity: Low (5.9); PSID: f3bd39fc0f00; Credits: UKO; Required...
reel-play.com Cross Site Scripting vulnerability OBB-3916023
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
WordPress Image horizontal reel scroll slideshow Plugin <= 13.3 is vulnerable to Cross Site Scripting (XSS)
Software: Image horizontal reel scroll slideshow; Type: Plugin; Vulnerable versions: <= 13.3; Fixed in: 13.4; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-5413; Patch priority: Low; CVSS severity: Low (6.5); PSID: f4bff9d695d5; Credits...
Image horizontal reel scroll slideshow < 13.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Description: The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'ihrss-gallery' shortcode in versions up to, and including, 13.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
PT-2023-32087 · WordPress · Image Horizontal Reel Scroll Slideshow Plugin
Name of the Vulnerable Software and Affected Versions: Image horizontal reel scroll slideshow plugin for WordPress versions up to, and including, 13.3. Description: The issue is related to Stored Cross-Site Scripting via the 'ihrss-gallery' shortcode due to insufficient input sanitization and outp...
The vulnerability of the Image Horizontal Reel Scroll Slideshow Plugin lies in its lack of measures to neutralize special elements, allowing attackers to execute arbitrary SQL queries.
The vulnerability of the Image Horizontal Reel Scroll Slideshow Plugin exists due to the failure to address the issue of eliminating special elements. Exploiting this vulnerability can allow a remote attacker to execute arbitrary SQL queries...
Information Reel < 10.1 - Authenticated (Subscriber+) SQL Injection via Shortcode
Description: The Information Reel plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible f...