12 matches found
CVE-2026-28384
An improper sanitization of the compression_algorithm parameter in Canonical LXD allows an authenticated, unprivileged user to execute commands as the LXD daemon on the LXD server via API calls to the image and backup endpoints. This issue affected LXD from 4.12 through 6.6 and was fixed in the sn...
CVE-2026-24909
vlt before 1.0.0-rc.10 mishandles path sanitization for tar, leading to path traversal during extraction...
CVE-2025-11265
CVE-2025-11265 concerns the VK All in One Expansion Unit plugin for WordPress. The issue is a Stored Cross-Site Scripting vulnerability in versions up to and including 9.112.1, caused by a logic error in the CTA save function that reads sanitization callbacks from the wrong variable, allowing aut...
EUVD-2019-1708
Malware in sbrugna...
CVE-2023-2178
The Aajoda Testimonials WordPress plugin before 2.2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example, in a multisite setup)...
UBUNTU-CVE-2022-35652
An open redirect issue was found in Moodle due to improper sanitization of user-supplied data in the mobile auto-login feature. A remote attacker can create a link that leads to a trusted website; however, when clicked, it redirects the victim to an arbitrary URL/domain. Successful exploitation of this...
PT-2019-6103 · Facebook · Whatsapp Business For Ios +5
Name of the Vulnerable Software and Affected Versions: WhatsApp versions prior to 2.19.134 (Android); WhatsApp Business versions prior to 2.19.44 (Android); WhatsApp versions prior to 2.19.51 (iOS); WhatsApp Business versions prior to 2.19.51 (iOS); WhatsApp versions prior to 2.18.348 (Windows Phone); WhatsApp...
Zen Cart Multiple Vulnerabilities (Feb 2014)
Zen Cart is prone to multiple vulnerabilities. Copyright (C) 2014 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
ZeroShell 2.0RC2 File Disclosure / Command Execution Vulnerability - Active Check
ZeroShell is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. SPDX-FileCopyrightText: 2013 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders...
MoinMoin Wiki User Profile Unspecified Vulnerability
This host is running MoinMoin Wiki and is prone to unspecified vulnerability. OpenVAS Vulnerability Test $Id: gbmoinmoinwikiuserprofunspecifiedvuln.nasl 5306 2017-02-16 09:00:16Z teissa $ MoinMoin Wiki User Profile Unspecified Vulnerability Authors: Veerendra GG Copyright: Copyright c 2010...
GLSA-200706-04 : MadWifi: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200706-04 (MadWifi: Multiple vulnerabilities). Md Sohail Ahmad from AirTight Networks has discovered a division by zero in the ath_beacon_config() function (CVE-2007-2830). The vendor has corrected an input validation error in the...
MadWifi: Multiple vulnerabilities
Background: The MadWifi driver provides support for Atheros based IEEE 802.11 Wireless LAN cards. Description: Md Sohail Ahmad from AirTight Networks has discovered a division by zero in the ath_beacon_config() function (CVE-2007-2830). The vendor has corrected an input validation error in the...