2429 matches found
CVE-2023-1498 code-projects Responsive Hotel Site Newsletter Log messages.php sql injection
A vulnerability classified as critical has been found in code-projects Responsive Hotel Site 1.0. Affected is an unknown function of the file messages.php of the component Newsletter Log Handler. The manipulation of the argument title leads to sql injection. It is possible to launch the attack...
Responsive Hotel Site SQL injection vulnerability
Responsive Hotel Site is a PHP-based responsive hotel website. A SQL injection vulnerability exists in code-projects Responsive Hotel Site version 1.0, which stems from a problem with a function in the file messages.php, where manipulation of the parameter title can lead to sql injection...
PT-2023-17034 · Unknown · Code-Projects Responsive Hotel Site
Name of the Vulnerable Software and Affected Versions: code-projects Responsive Hotel Site version 1.0 Description: A critical vulnerability has been found in the Newsletter Log Handler component of the code-projects Responsive Hotel Site. The issue is related to the manipulation of the title...
DRUPAL-CONTRIB-2023-010
The Media Responsive Thumbnail module allows media reference fields to be rendered as a responsive image. This module does not properly check entity access prior to rendering media. This may result in users seeing thumbnails of media items they do not have access to. This release was coordinated...
Media Responsive Thumbnail - Moderately critical - Information disclosure - SA-CONTRIB-2023-010
The Media Responsive Thumbnail module allows media reference fields to be rendered as a responsive image. This module does not properly check entity access prior to rendering media. This may result in users seeing thumbnails of media items they do not have access to. This release was coordinated...
Responsive media Image Formatter - Critical - Unsupported - SA-CONTRIB-2023-011
The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466#procedure---own-project---unsupported...
Huawei EulerOS: Security Advisory for unbound (EulerOS-SA-2023-1517)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP5 : unbound (EulerOS-SA-2023-1517)
According to the versions of the unbound packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - A vulnerability named 'Non-Responsive Delegation Attack' (NRDelegation Attack) has been discovered in various DNS resolving software. The...
CVE-2023-0064
The eVision Responsive Column Layout Shortcodes WordPress plugin through 2.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored...
CVE-2023-0064
The CVE-2023-0064 entry corresponds to the WordPress plugin “eVision Responsive Column Layout Shortcodes” (versions 2.3 and earlier). The vulnerability is a Stored Cross-Site Scripting (XSS) flaw caused by insufficient validation and escaping of shortcode attributes, which are output into the pag...
CVE-2023-0064 eVision Responsive Column Layout Shortcodes <= 2.3 - Contributor+ Stored XSS
The eVision Responsive Column Layout Shortcodes WordPress plugin through 2.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored...
CVE-2023-23983
Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Responsive Vertical Icon Menu plugin <= 1.5.8 can lead to theme deletion...
CVE-2023-23983
Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Responsive Vertical Icon Menu plugin <= 1.5.8 can lead to theme deletion...
Cross site request forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in wpdevart Responsive Vertical Icon Menu plugin <= 1.5.8 can lead to theme deletion...
CVE-2023-23983
The CVE-2023-23983 entry describes a Cross-Site Request Forgery (CSRF) in the WordPress plugin wpdevart Responsive Vertical Icon Menu (
WordPress plugin Responsive Vertical Icon Menu cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A security vulnerability exists in WordPress plugin...
CVE-2023-1041
A vulnerability, which was classified as problematic, was found in SourceCodester Simple Responsive Tourism Website 1.0. This affects an unknown part of the file /tourism/rate_review.php. The manipulation of the argument id with the input 1"alert1111 leads to cross site scripting. It is possible t...
CVE-2023-1041
The CVE-2023-1041 entry affects SourceCodester Simple Responsive Tourism Website 1.0, specifically the file /tourism/rate_review.php. The vulnerability arises from improper handling of the id parameter; a crafted input like 1"> enables cross-site scripting (XSS). Exploitation is possible remot...
CVE-2023-1041 SourceCodester Simple Responsive Tourism Website rate_review.php cross site scripting
A vulnerability, which was classified as problematic, was found in SourceCodester Simple Responsive Tourism Website 1.0. This affects an unknown part of the file /tourism/rate_review.php. The manipulation of the argument id with the input 1"alert1111 leads to cross site scripting. It is possible t...
WordPress Simple YouTube Responsive Plugin <= 2.5 is vulnerable to Cross Site Scripting (XSS)
Software: Simple YouTube Responsive; Type: Plugin; Vulnerable versions: <= 2.5; Fixed in: 3.0; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-25982; Patch priority: Low; CVSS severity: Low (6.5); PSID: 5dfa35a7f50c; Credits: yuyudhn; Required...