166 matches found
Lexmark International X1185 Improper Privilege Management (CVE-2006-0577)
Lexmark X1185 printer allows local users to gain SYSTEM privileges by navigating to the Appearance dialog and selecting the Additional styles skins are available on the Lexmark web site option, which launches a web browser that is running with SYSTEM privileges. This plugin only works with...
CVE-2025-32123
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup HTML5 Video Player with Playlist & Multiple Skins lbg-vp2-html5-rightside allows Reflected XSS.This issue affects HTML5 Video Player with Playlist & Multiple Skins: from n/a through =...
CVE-2025-32123
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup HTML5 Video Player with Playlist & Multiple Skins lbg-vp2-html5-rightside allows Reflected XSS.This issue affects HTML5 Video Player with Playlist & Multiple Skins: from n/a through =...
CVE-2025-32123
CVE-2025-32123 describes a Reflected XSS in the WordPress plugin HTML5 Video Player with Playlist & Multiple Skins (lbg-vp2-html5-rightside) , affecting versions up to and including 5.3.5. The issue stems from improper input neutralization during web page generation, enabling script injection via...
CVE-2025-32123
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup HTML5 Video Player with Playlist & Multiple Skins lbg-vp2-html5-rightside allows Reflected XSS.This issue affects HTML5 Video Player with Playlist & Multiple Skins: from n/a through =...
CVE-2025-32123 WordPress HTML5 Video Player with Playlist & Multiple Skins plugin <= 5.3.5 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup HTML5 Video Player with Playlist & Multiple Skins lbg-vp2-html5-rightside allows Reflected XSS.This issue affects HTML5 Video Player with Playlist & Multiple Skins: from n/a through =...
WordPress HTML5 Video Player with Playlist & Multiple Skins plugin <= 5.3.5 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin HTML5 Video Player with Playlist & Multiple Skins versions = 5.3.5...
EUVD-2022-48050
Malicious code in bioql PyPI...
EUVD-2024-50786
Malicious code in bioql PyPI...
Malicious code in new-fortnite-v-bucks-and-skins-for-free-dyjuter (npm)
The package new-fortnite-v-bucks-and-skins-for-free-dyjuter was found to contain malicious code...
MAL-2025-45302 Malicious code in new-fortnite-v-bucks-and-skins-for-free-dyjuter (npm)
The package new-fortnite-v-bucks-and-skins-for-free-dyjuter was found to contain malicious code...
MAL-2025-42171 Malicious code in 2023-fortnite-free-v-bucks-and-skins-updated-dklzd (npm)
The package 2023-fortnite-free-v-bucks-and-skins-updated-dklzd was found to contain malicious code...
Malicious code in 2023-fortnite-free-v-bucks-and-skins-updated-dklzd (npm)
The package 2023-fortnite-free-v-bucks-and-skins-updated-dklzd was found to contain malicious code...
MAL-2025-46462 Malicious code in unlimited-fortnite-v-bucks-and-skins-dlzldzl (npm)
The package unlimited-fortnite-v-bucks-and-skins-dlzldzl was found to contain malicious code...
CVE-2022-45133
Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 allows unsafe font upload for skins. A particularly structured XML file could allow one to traverse the server to obtain access to secure files or cause code execution based on the payload...
CVE-2022-45133
Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 allows unsafe font upload for skins. A particularly structured XML file could allow one to traverse the server to obtain access to secure files or cause code execution based on the payload...
CVE-2022-45133
Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 allows unsafe font upload for skins. A particularly structured XML file could allow one to traverse the server to obtain access to secure files or cause code execution based on the payload...
CVE-2022-45133
Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 allows unsafe font upload for skins. A particularly structured XML file could allow one to traverse the server to obtain access to secure files or cause code execution based on the payload...
CVE-2022-45133
Mahara 21.10 before 21.10.6, 22.04 before 22.04.4, and 22.10 before 22.10.1 allows unsafe font upload for skins. A particularly structured XML file could allow one to traverse the server to obtain access to secure files or cause code execution based on the payload...
CVE-2024-12341
The Custom Skins Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'cf7csactioncallback' function in all versions up to, and including, 1.0. This makes it possible for authenticated attackers, with Subscriber-level acce...