11 matches found
PT-2026-33415
Name of the Vulnerable Software and Affected Versions Canto plugin for WordPress versions prior to 3.1.2 Description Missing authorization occurs due to the absence of capability checks or nonce verification in the updateOptions function. This function is exposed via two AJAX hooks: 'wp ajax...
EUVD-2025-28816
Malicious code in bioql PyPI...
CVE-2025-9137
A vulnerability has been found in Scada-LTS 2.7.8.1. This impacts an unknown function of the file scheduledevents.shtm. Such manipulation of the argument alias leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The...
CVE-2025-9137
A vulnerability has been found in Scada-LTS 2.7.8.1. This impacts an unknown function of the file scheduledevents.shtm. Such manipulation of the argument alias leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The...
CVE-2025-9137 Scada-LTS scheduled_events.shtm cross site scripting
A vulnerability has been found in Scada-LTS 2.7.8.1. This impacts an unknown function of the file scheduledevents.shtm. Such manipulation of the argument alias leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The...
CVE-2025-9137
CVE-2025-9137 affects Scada-LTS 2.7.8.1 and involves cross-site scripting via manipulation of the alias parameter in the scheduled_events.shtm file. The vulnerability is exploitable remotely; multiple sources describe an admin-permission requirement and note that an admin user can inject HTML/JS ...
CVE-2025-9137 Scada-LTS scheduled_events.shtm cross site scripting
A vulnerability has been found in Scada-LTS 2.7.8.1. This impacts an unknown function of the file scheduledevents.shtm. Such manipulation of the argument alias leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The...
CVE-2025-9137 Scada-LTS scheduled_events.shtm cross site scripting
A vulnerability has been found in Scada-LTS 2.7.8.1. This impacts an unknown function of the file scheduledevents.shtm. Such manipulation of the argument alias leads to cross site scripting. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. The...
Scada-LTS 代码注入漏洞
Scada-LTS is an open source, web-based, multi-platform solution from Scada-LTS Open Source. A code injection vulnerability exists in Scada-LTS version 2.7.8.1, which stems from improper manipulation of the alias parameter in the scheduledevents.shtm file, which could lead to a cross-site scriptin...
PT-2025-33722 · Scada-Lts · Scada-Lts
Name of the Vulnerable Software and Affected Versions: Scada-LTS version 2.7.8.1 Description: A cross-site scripting issue exists due to manipulation of the alias argument within the scheduled events.shtm file. The attack can be executed remotely. The vendor states that exploitation likely requir...
The vulnerability of the Moodle learning management system allows a hacker to view protected information about scheduled events.
The vulnerability of the calendar/externallib.php component in the Moodle learning management system is related to the lack of protection for operational data. Exploiting this vulnerability could allow a malicious actor, operating remotely, to access sensitive information about scheduled events...