1341 matches found
CVE-2024-26019
Ninja Forms prior to 3.8.1 contains a cross-site scripting vulnerability in submit processing. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is accessing the website using the product...
CVE-2024-26019
CVE-2024-26019 affects Ninja Forms (WordPress) prior to 3.8.1, enabling a cross‑site scripting (XSS) vulnerability in submit processing. Exploitation could cause arbitrary JavaScript execution in the web browser of a user visiting the affected site. The root cause is insufficient input sanitizati...
PT-2024-21279 · Unknown · Ninja Forms
Name of the Vulnerable Software and Affected Versions: Ninja Forms versions prior to 3.8.1. Description: The issue is related to a cross-site scripting vulnerability in submit processing. If exploited, an arbitrary script may be executed on the web browser of the user accessing the website using t...
PT-2024-5038 · Wwbn · Wwbn Avideo
Name of the Vulnerable Software and Affected Versions: WWBN AVideo versions 12.4 through 14.2. Description: The issue in WWBN AVideo is related to insufficient input validation in the submitIndex.php file of the WWBNIndex plugin, allowing a remote attacker to execute arbitrary code via the...
Pz-LinkCard < 2.5.3 - Reflected XSS
Description: The plugin does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. Make a logged in admin open a page containing the code below ' /...
The vulnerability of the spark-submit function in the Apache Spark framework, which allows a hacker to execute arbitrary code.
The vulnerability of the spark-submit function in the Apache Spark framework is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
Qualcomm Chipsets Security Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption during a call to SubmitCommands on the Gfx engine during graphics rendering...
The vulnerability of the hid_submit_ctrl function in the USB HID driver of the Linux operating system allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the hid_submit_ctrl function in the USB HID driver of the Linux operating system is related to the disclosure of information. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information...
UBUNTU-CVE-2023-52566
In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential use after free in nilfs_gccache_submit_read_data(). In nilfs_gccache_submit_read_data(), brelse(bh) is called to drop the reference count of bh when the call to nilfs_dat_translate() fails. If the reference count hits 0 and it...
SUSE CVE-2021-46906
In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: fix info leak in hid_submit_ctrl. In hid_submit_ctrl, the way of calculating the report length doesn't take into account that report-size can be zero. When running the syzkaller reproducer, a report of size 0 causes...
DEBIAN-CVE-2021-46906
In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: fix info leak in hid_submit_ctrl. In hid_submit_ctrl, the way of calculating the report length doesn't take into account that report-size can be zero. When running the syzkaller reproducer, a report of size 0 causes...
UBUNTU-CVE-2021-46906
In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: fix info leak in hid_submit_ctrl. In hid_submit_ctrl, the way of calculating the report length doesn't take into account that report-size can be zero. When running the syzkaller reproducer, a report of size 0 causes...
Linux kernel security vulnerabilities
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an information disclosure vulnerability in HIDsubmitctrl...
CMS Made Simple 2.2.19 Server-Side Template Injection Vulnerability
Exploit Title: CMS Made Simple Version: 2.2.19 - SSTI Exploit Author: tmrswrr Vendor Homepage: https://www.cmsmadesimple.org/ Version: 2.2.19 Tested on: https://www.softaculous.com/demos/CMSMadeSimple 1 log in as admin and go to Layout Design Manager Breadcrumbs 2 Click edit and write SSTI payloa...
CVE-2024-1044 Customer Reviews for WooCommerce <= 5.38.10 - Improper Authorization via submit_review
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'submit_review' function in all versions up to, and including, 5.38.12. This makes it possible for unauthenticated attackers to submit reviews with...
CVE-2024-1044
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'submit_review' function in all versions up to, and including, 5.38.12. This makes it possible for unauthenticated attackers to submit reviews with...
PT-2024-16285 · WordPress · Customer Reviews For Woocommerce
Name of the Vulnerable Software and Affected Versions: Customer Reviews for WooCommerce plugin for WordPress versions up to, and including, 5.38.12. Description: The issue allows unauthorized modification of data due to a missing capability check on the submit review function. This enables...
PT-2024-21547 · Linux +4 · Linux Kernel +4
Name of the Vulnerable Software and Affected Versions: Linux kernel, affected versions not specified. Description: A NULL pointer dereference error occurs in the f2fs submit page write function when io-bio is NULL. This happens when other threads have added the fio to io-bio and submitted it before...