CVE-2026-6452

The Bigfishgames Syndicate plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2. This is due to missing or incorrect nonce validation on the bigfishgamessyndicatesubmenu function. This makes it possible for unauthenticated attackers to reset...

Astra Linux - уязвимость в freeglut

freeglut 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddSubMenu function...

CVE-2025-1615

A vulnerability classified as problematic was found in FiberHome AN5506-01A ONU GPON RP2511. Affected by this vulnerability is an unknown functionality of the component NAT Submenu. The manipulation of the argument Description leads to cross site scripting. The attack can be launched remotely. Th...

Denial Of Service (DoS)

getgrav/grav is vulnerable to Denial of Service DoS. The vulnerability is due to improper input validation in the “Supported” parameter of the Languages submenu, which allows an attacker to supply malformed input that triggers a fatal regular expression parsing error via the pregmatch function...

PT-2025-48564

Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a Denial of Service DoS vulnerability was identified in the "Languages" submenu of the Grav admin configuration panel /admin/config/system. Specifically, the Supported parameter fails to properly validate user input. If a malformed value ...

CLSA-2025-1762362716 freeglut: Fix of 2 CVEs

CVE-2024-24258: fix memory leak in glutAddSubMenu function - CVE-2024-24259: fix memory leak in glutAddMenuEntry function...

EUVD-2012-1661

Malware in sbrugna...

EUVD-2025-4382

Malicious code in bioql PyPI...

CVE-2024-40604

An issue was discovered in the Nimbus skin for MediaWiki through 1.42.1. There is Stored XSS via MediaWiki:Nimbus-sidebar menu and submenu entries...

CVE-2023-0555

The Quick Restaurant Menu plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on its AJAX actions in versions up to, and including, 2.0.2. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to invoke those...

CVE-2012-1651

Cross-site scripting XSS vulnerability in the Submenu Tree module before 6.x-1.5 for Drupal allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors...

CVE-2025-2367

A vulnerability has been found in Oiwtech OIW-2431APGN-HP 2.5.3-B20131128 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formScript of the component Personal Script Submenu. The manipulation leads to os command injection. The attack can be initiated...

CVE-2025-2367 Oiwtech OIW-2431APGN-HP Personal Script Submenu formScript os command injection

A vulnerability has been found in Oiwtech OIW-2431APGN-HP 2.5.3-B20131128 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formScript of the component Personal Script Submenu. The manipulation leads to os command injection. The attack can be initiated...

CVE-2025-1615

A vulnerability classified as problematic was found in FiberHome AN5506-01A ONU GPON RP2511. Affected by this vulnerability is an unknown functionality of the component NAT Submenu. The manipulation of the argument Description leads to cross site scripting. The attack can be launched remotely. Th...

CVE-2025-1615

A vulnerability classified as problematic was found in FiberHome AN5506-01A ONU GPON RP2511. Affected by this vulnerability is an unknown functionality of the component NAT Submenu. The manipulation of the argument Description leads to cross site scripting. The attack can be launched remotely. Th...

CVE-2025-1615 FiberHome AN5506-01A ONU GPON NAT Submenu cross site scripting

A vulnerability classified as problematic was found in FiberHome AN5506-01A ONU GPON RP2511. Affected by this vulnerability is an unknown functionality of the component NAT Submenu. The manipulation of the argument Description leads to cross site scripting. The attack can be launched remotely. Th...

CVE-2025-1615 FiberHome AN5506-01A ONU GPON NAT Submenu cross site scripting

A vulnerability classified as problematic was found in FiberHome AN5506-01A ONU GPON RP2511. Affected by this vulnerability is an unknown functionality of the component NAT Submenu. The manipulation of the argument Description leads to cross site scripting. The attack can be launched remotely. Th...

CVE-2025-1615

CVE-2025-1615 affects FiberHome AN5506-01A ONU GPON RP2511. The vulnerability is an instance of cross-site scripting (XSS) in the NAT Submenu’s Description parameter, allowing remote exploitation. The issue is tied to manipulation of the Description argument, with the attack being remotely execut...

CVE-2025-1613

A vulnerability was found in FiberHome AN5506-01A ONU GPON RP2511. It has been rated as problematic. This issue affects some unknown processing of the file /goform/URLfilterCfg of the component URL Filtering Submenu. The manipulation of the argument urlIP leads to cross site scripting. The attack...

CVE-2024-10600

A vulnerability, which was classified as critical, was found in Tongda OA 2017 up to 11.6. Affected is an unknown function of the file pda/appcenter/submenu.php. The manipulation of the argument appid leads to sql injection. It is possible to launch the attack remotely. The exploit has been...