21 matches found
EUVD-2023-54560
Malicious code in bioql PyPI...
EUVD-2023-54706
Malicious code in bioql PyPI...
CVE-2025-9126
The Smart Table Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acces...
CVE-2025-9126
The Smart Table Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acces...
CVE-2025-9126
The Smart Table Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acces...
CVE-2025-9126 Smart Table Builder <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter
The Smart Table Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acces...
CVE-2025-9126
CVE-2025-9126 concerns the WordPress plugin Smart Table Builder. Multiple sources confirm a Stored Cross-Site Scripting (XSS) flaw via the id parameter in versions up to 1.0.1, exploitable by authenticated users with Contributor-level access or higher. The underlying issue is insufficient input s...
CVE-2025-9126 Smart Table Builder <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter
The Smart Table Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘id’ parameter in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acces...
WordPress Smart Table Builder plugin <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via id Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Smart Table Builder versions = 1.0.1...
WordPress plugin Smart Table Builder 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting vulnerability...
CVE-2023-4867
A vulnerability was found in Xintian Smart Table Integrated Management System 5.6.9. It has been classified as critical. Affected is an unknown function of the file /SysManage/AddUpdateSites.aspx of the component Added Site Page. The manipulation of the argument TbxSiteName leads to sql injection...
CVE-2023-4867
A vulnerability was found in Xintian Smart Table Integrated Management System 5.6.9. It has been classified as critical. Affected is an unknown function of the file /SysManage/AddUpdateSites.aspx of the component Added Site Page. The manipulation of the argument TbxSiteName leads to sql injection...
CVE-2023-4867 Xintian Smart Table Integrated Management System Added Site Page AddUpdateSites.aspx sql injection
A vulnerability was found in Xintian Smart Table Integrated Management System 5.6.9. It has been classified as critical. Affected is an unknown function of the file /SysManage/AddUpdateSites.aspx of the component Added Site Page. The manipulation of the argument TbxSiteName leads to sql injection...
CVE-2023-4867
Summary: CVE-2023-4867 affects Xintian Smart Table Integrated Management System 5.6.9, specifically the file /SysManage/AddUpdateSites.aspx (Added Site Page). The vulnerability arises from unsafe handling of the TbxSiteName parameter, enabling a SQL injection. It is exploitable remotely and, per ...
PT-2023-30889 · Unknown · Xintian Smart Table Integrated Management System
Name of the Vulnerable Software and Affected Versions: Xintian Smart Table Integrated Management System version 5.6.9 Description: A critical issue was found in the Xintian Smart Table Integrated Management System. It affects an unknown function of the file /SysManage/AddUpdateSites.aspx,...
CVE-2023-4712
A vulnerability, which was classified as critical, was found in Xintian Smart Table Integrated Management System 5.6.9. This affects an unknown part of the file /SysManage/AddUpdateRole.aspx. The manipulation of the argument txtRoleName leads to sql injection. The exploit has been disclosed to th...
Sql injection
A vulnerability, which was classified as critical, was found in Xintian Smart Table Integrated Management System 5.6.9. This affects an unknown part of the file /SysManage/AddUpdateRole.aspx. The manipulation of the argument txtRoleName leads to sql injection. The exploit has been disclosed to th...
CVE-2023-4712 Xintian Smart Table Integrated Management System AddUpdateRole.aspx sql injection
A vulnerability, which was classified as critical, was found in Xintian Smart Table Integrated Management System 5.6.9. This affects an unknown part of the file /SysManage/AddUpdateRole.aspx. The manipulation of the argument txtRoleName leads to sql injection. The exploit has been disclosed to th...
CVE-2023-4712
CVE-2023-4712 affects Xintian Smart Table Integrated Management System v5.6.9. The vulnerability resides in SysManage/AddUpdateRole.aspx, where manipulating the txtRoleName parameter enables SQL injection. The exploit has been disclosed publicly. Remediation/workaround information from PT-SECURIT...
CVE-2023-4712 Xintian Smart Table Integrated Management System AddUpdateRole.aspx sql injection
A vulnerability, which was classified as critical, was found in Xintian Smart Table Integrated Management System 5.6.9. This affects an unknown part of the file /SysManage/AddUpdateRole.aspx. The manipulation of the argument txtRoleName leads to sql injection. The exploit has been disclosed to th...