
2429 matches found

Cvelist
added 2023/03/19 7:31 p.m. · 25 views

CVE-2023-1498 code-projects Responsive Hotel Site Newsletter Log messages.php sql injection

A vulnerability classified as critical has been found in code-projects Responsive Hotel Site 1.0. Affected is an unknown function of the file messages.php of the component Newsletter Log Handler. The manipulation of the argument title leads to sql injection. It is possible to launch the attack...

CVSS 6.5 · AI score 10 · EPSS 0.00871
Exploits 0 · References 3

CNNVD
added 2023/03/19 12:0 a.m. · 4 views

Responsive Hotel Site SQL Injection Vulnerability

Responsive Hotel Site is a PHP-based responsive hotel website. A SQL injection vulnerability exists in code-projects Responsive Hotel Site version 1.0, which stems from a problem with a function in the file messages.php, where manipulation of the parameter title can lead to sql injection...

CVSS 9.8 · AI score 7 · EPSS 0.00871
Exploits 0 · References 4

Positive Technologies
added 2023/03/19 12:0 a.m. · 5 views

PT-2023-17034 · Unknown · Code-Projects Responsive Hotel Site

Name of the Vulnerable Software and Affected Versions: code-projects Responsive Hotel Site version 1.0 Description: A critical vulnerability has been found in the Newsletter Log Handler component of the code-projects Responsive Hotel Site. The issue is related to the manipulation of the title...

CVSS 9.8 · AI score 8 · EPSS 0.00871
Exploits 0 · References 7

OSV
added 2023/03/15 5:22 p.m. · 3 views

DRUPAL-CONTRIB-2023-010

The Media Responsive Thumbnail module allows media reference fields to be rendered as a responsive image. This module does not properly check entity access prior to rendering media. This may result in users seeing thumbnails of media items they do not have access to. This release was coordinated...

AI score 6.7
Exploits 0 · References 1

Drupal
added 2023/03/15 12:0 a.m. · 15 views

Media Responsive Thumbnail - Moderately critical - Information disclosure - SA-CONTRIB-2023-010

The Media Responsive Thumbnail module allows media reference fields to be rendered as a responsive image. This module does not properly check entity access prior to rendering media. This may result in users seeing thumbnails of media items they do not have access to. This release was coordinated...

AI score 6.6
Exploits 0 · References 10

Drupal
added 2023/03/15 12:0 a.m. · 18 views

Responsive media Image Formatter - Critical - Unsupported - SA-CONTRIB-2023-011

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported...

AI score 6.6
Exploits 0 · References 2

OpenVAS
added 2023/03/09 12:0 a.m. · 25 views

Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2023-1517)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.5 · AI score 7.7 · EPSS 0.01259
Exploits 0 · References 2

Tenable Nessus
added 2023/03/09 12:0 a.m. · 33 views

EulerOS 2.0 SP5 : unbound (EulerOS-SA-2023-1517)

According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The...

CVSS 7.5 · AI score 7.3 · EPSS 0.01259
Exploits 0 · References 2

OSV
added 2023/03/06 2:15 p.m. · 3 views

CVE-2023-0064

The eVision Responsive Column Layout Shortcodes WordPress plugin through 2.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored...

CVSS 5.4 · AI score 5.8 · EPSS 0.00471
Exploits 2 · References 1

CVE
added 2023/03/06 1:34 p.m. · 63 views

CVE-2023-0064

The CVE-2023-0064 entry corresponds to the WordPress plugin “eVision Responsive Column Layout Shortcodes” (versions 2.3 and earlier). The vulnerability is a Stored Cross-Site Scripting (XSS) flaw caused by insufficient validation and escaping of shortcode attributes, which are output into the pag...

CVSS 5.4 · AI score 5.3 · EPSS 0.00471
Exploits 2 · References 1 · Affected Software 1

Cvelist
added 2023/03/06 1:34 p.m. · 21 views

CVE-2023-0064 eVision Responsive Column Layout Shortcodes <= 2.3 - Contributor+ Stored XSS

The eVision Responsive Column Layout Shortcodes WordPress plugin through 2.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored...

AI score 5.5 · EPSS 0.00471
Exploits 2 · References 1

OSV
added 2023/02/28 3:15 p.m. · 4 views

CVE-2023-23983

Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Responsive Vertical Icon Menu plugin = 1.5.8 can lead to theme deletion...

CVSS 5.4 · AI score 6.1 · EPSS 0.00228
Exploits 0 · References 1

NVD
added 2023/02/28 3:15 p.m. · 19 views

CVE-2023-23983

Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Responsive Vertical Icon Menu plugin = 1.5.8 can lead to theme deletion...

CVSS 5.4 · AI score 5.5 · EPSS 0.00228
Exploits 0 · References 1

Prion
added 2023/02/28 3:15 p.m. · 22 views

Cross site request forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Responsive Vertical Icon Menu plugin = 1.5.8 can lead to theme deletion...

CVSS 5.8 · AI score 5.6 · EPSS 0.00228
Exploits 0 · References 1 · Affected Software 1

CVE
added 2023/02/28 2:36 p.m. · 52 views

CVE-2023-23983

The CVE-2023-23983 entry describes a Cross-Site Request Forgery (CSRF) in the WordPress plugin wpdevart Responsive Vertical Icon Menu (

CVSS 5.4 · AI score 5.5 · EPSS 0.00228
Exploits 0 · References 1 · Affected Software 1

CNNVD
added 2023/02/28 12:0 a.m. · 3 views

WordPress plugin Responsive Vertical Icon Menu Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress plugin...

CVSS 5.4 · AI score 5.5 · EPSS 0.00228
Exploits 0 · References 2

NVD
added 2023/02/26 12:15 p.m. · 21 views

CVE-2023-1041

A vulnerability, which was classified as problematic, was found in SourceCodester Simple Responsive Tourism Website 1.0. This affects an unknown part of the file /tourism/rate_review.php. The manipulation of the argument id with the input 1"alert1111 leads to cross site scripting. It is possible t...

CVSS 6.1 · AI score 4.5 · EPSS 0.00536
Exploits 1 · References 3

CVE
added 2023/02/26 11:57 a.m. · 77 views

CVE-2023-1041

The CVE-2023-1041 entry affects SourceCodester Simple Responsive Tourism Website 1.0, specifically the file /tourism/rate_review.php. The vulnerability arises from improper handling of the id parameter; a crafted input like 1"> enables cross-site scripting (XSS). Exploitation is possible remot...

CVSS 6.1 · AI score 4.8 · EPSS 0.00536
Exploits 1 · References 3 · Affected Software 1

Cvelist
added 2023/02/26 11:57 a.m. · 21 views

CVE-2023-1041 SourceCodester Simple Responsive Tourism Website rate_review.php cross site scripting

A vulnerability, which was classified as problematic, was found in SourceCodester Simple Responsive Tourism Website 1.0. This affects an unknown part of the file /tourism/rate_review.php. The manipulation of the argument id with the input 1"alert1111 leads to cross site scripting. It is possible t...

CVSS 4 · AI score 6.2 · EPSS 0.00536
Exploits 1 · References 3

Patchstack
added 2023/02/24 12:0 a.m. · 10 views

WordPress Simple YouTube Responsive Plugin <= 2.5 is vulnerable to Cross Site Scripting (XSS)

Software: Simple YouTube Responsive · Type: Plugin · Vulnerable versions: <= 2.5 · Fixed in: 3.0 · OWASP Top 10: A7: Cross-Site Scripting (XSS) · Classification: Cross Site Scripting (XSS) · CVE: CVE-2023-25982 · Patch priority: Low · CVSS severity: Low (6.5) · Developer: Claim ownership · PSID: 5dfa35a7f50c · Credits: yuyudhn · Required...

CVSS 6.5 · AI score 6 · EPSS 0.00361
Exploits 0 · References 2 · Affected Software 1