3939 matches found
CVE-2011-5256
Cross-site scripting (XSS) vulnerability in the tooltips in LimeSurvey before 1.91+ Build 11379-20111116, when viewing survey results, allows remote attackers to inject arbitrary web script or HTML via unknown parameters...
CVE-2009-2776
SQL injection vulnerability in showresult.asp in Smart ASP Survey allows remote attackers to execute arbitrary SQL commands via the catid parameter...
CVE-1999-0771
The web components of Compaq Management Agents and the Compaq Survey Utility allow a remote attacker to read arbitrary files via a .. (dot dot) attack...
More AIs Are Taking Polls and Surveys
I already knew about the declining response rate for polls and surveys. The percentage of AI bots that respond to surveys is also increasing. Solutions are hard: 1. Make surveys less boring. We need to move past bland, grid-filled surveys and start designing experiences people actually want to...
The Crowded Battle: Key Insights from the 2025 State of Pentesting Report
In the newly released 2025 State of Pentesting Report, Pentera surveyed 500 CISOs from global enterprises (200 from within the USA) to understand the strategies, tactics, and tools they use to cope with the thousands of security alerts, the persisting breaches and the growing cyber risks they have ...
CVE-2025-4831
A vulnerability, which was classified as critical, was found in TOTOLINK A702R, A3002R and A3002RU 3.0.0-B20230809.1615. This affects an unknown part of the file /boafrm/formSiteSurveyProfile of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...
TOTOLINK A720R, TOTOLINK A3002R and TOTOLINK A3002RU Security Vulnerability
TOTOLINK A3002RU and others are products of China Gion Electronics TOTOLINK. TOTOLINK A3002RU is a wireless router product. TOTOLINK A720R is a wireless router. TOTOLINK A3002R is a wireless router. A security vulnerability exists in the TOTOLINK A720R, TOTOLINK...
CVE-2025-0688
The Spiritual Gifts Survey and optional S.H.A.P.E survey WordPress plugin through 0.9.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...
CVE-2025-0687
The Spiritual Gifts Survey and optional S.H.A.P.E survey WordPress plugin through 0.9.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...
CVE-2025-0688 Spiritual Gifts Survey <= 0.9.10 - Unauthenticated CSRF to XSS
The Spiritual Gifts Survey and optional S.H.A.P.E survey WordPress plugin through 0.9.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...
CVE-2025-0687 Spiritual Gifts Survey <= 0.9.10 - Unauthenticated CSRF to XSS
The Spiritual Gifts Survey and optional S.H.A.P.E survey WordPress plugin through 0.9.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against only unauthenticated users...
PT-2025-21557 · WordPress · Spiritual Gifts Survey
Name of the Vulnerable Software and Affected Versions: Spiritual Gifts Survey WordPress plugin versions 0.9.10 and earlier Description: The issue concerns a Reflected Cross-Site Scripting problem. It arises because a parameter is not properly sanitized and escaped before being output back in the...
WordPress plugin Spiritual Gifts Survey Security Vulnerability
WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
PT-2025-21556 · WordPress · Spiritual Gifts Survey
Name of the Vulnerable Software and Affected Versions: Spiritual Gifts Survey WordPress plugin versions 0.9.10 and earlier Description: The issue concerns a Reflected Cross-Site Scripting problem. It arises because a parameter is not properly sanitized and escaped before being output back in the...
Enhancing Blockchain Cross Chain Interoperability: a Comprehensive Survey
Blockchain technology, introduced in 2008, has revolutionized data storage and transfer across sectors such as finance, healthcare, intelligent transportation, and the metaverse. However, the proliferation of blockchain systems has led to discrepancies in architectures, consensus mechanisms, and...
Memory under Siege: a Comprehensive Survey of Side-Channel Attacks on Memory
Whitepaper called Memory Under Siege: A Comprehensive Survey Of Side-Channel Attacks On Memory...
CVE-2025-4347
A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has been declared as critical. Affected by this vulnerability is the function formWlSiteSurvey. The manipulation of the argument host leads to buffer overflow. The attack can be launched remotely. This vulnerability only affects...
Generative AI in Financial Institution: a Global Survey of Opportunities, Threats, and Regulation
Generative Artificial Intelligence (GenAI) is rapidly reshaping the global financial landscape, offering unprecedented opportunities to enhance customer engagement, automate complex workflows, and extract actionable insights from vast financial data. This survey provides an overview of GenAI adopti...