Lucene search
K

23 matches found

EUVD
EUVD
added 3 days ago5 views

EUVD-2026-43068

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Tealium iQ Tag Management allows Object Injection. This issue affects Tealium iQ Tag Management versions: from 0.0.0 to 2.4.0...

6.1AI score0.00417EPSS
Exploits0References2
CVE
CVE
added 4 days ago20 views

CVE-2026-13244

CVE-2026-13244 affects the Drupal integration module Tealium iQ Tag Management. The issue arises from how the module stores data in the PHP-serialized field tealiumiq, which can lead to an Object Injection vulnerability when serialized data is unserialized. Affected versions are Tealium iQ Tag Ma...

8.1CVSS6.1AI score0.00417EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago32 views

CVE-2026-13244 Tealium iQ Tag Management - Critical - PHP object injection - SA-CONTRIB-2026-064

Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Tealium iQ Tag Management allows Object Injection. This issue affects Tealium iQ Tag Management versions: from 0.0.0 to 2.4.0...

0.00417EPSS
Exploits0References1
OSV
OSV
added 2026/06/26 3:27 p.m.4 views

DRUPAL-CONTRIB-2026-064

The Tealium iQ Tag Management module provides Drupal integration with Tealium iQ. tealiumiq stores some data as PHP-serialized strings. In some situations, malicious data can be written directly to the field. This can lead to an Object Injection vulnerability when the data are unserialized. This...

8.1CVSS5.8AI score0.00417EPSS
Exploits0References1
Drupal
Drupal
added 2026/06/26 12:0 a.m.11 views

Tealium iQ Tag Management - Critical - PHP object injection - SA-CONTRIB-2026-064

The Tealium iQ Tag Management module provides Drupal integration with Tealium iQ. tealiumiq stores some data as PHP-serialized strings. In some situations, malicious data can be written directly to the field. This can lead to an Object Injection vulnerability when the data are unserialized. This...

5.8AI score0.00417EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.8 views

PT-2026-52177

Name of the Vulnerable Software and Affected Versions Tealium iQ Tag Management versions 0.0.0 through 2.4.0 Description Improperly controlled modification of dynamically-determined object attributes in the Tealium iQ Tag Management module allows for Object Injection. This occurs because the...

6.1AI score0.00417EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-18931

Malicious code in bioql PyPI...

5.9CVSS6.5AI score0.00218EPSS
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.5 views

Malicious code in hw-tealium (npm)

The package hw-tealium was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-22826 Malicious code in hw-tealium (npm)

The package hw-tealium was found to contain malicious code...

7.2AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/06/23 8:40 a.m.5 views

CVE-2025-50018

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tealium Tealium tealium allows Stored XSS.This issue affects Tealium: from n/a through = 2.1.20...

5.9CVSS5.9AI score0.00218EPSS
Exploits0References1
NVD
NVD
added 2025/06/20 3:15 p.m.5 views

CVE-2025-50018

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tealium Tealium tealium allows Stored XSS.This issue affects Tealium: from n/a through = 2.1.20...

5.9CVSS0.00218EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/20 3:3 p.m.18 views

CVE-2025-50018 WordPress Tealium plugin <= 2.1.20 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tealium Tealium tealium allows Stored XSS.This issue affects Tealium: from n/a through = 2.1.20...

5.9CVSS0.00218EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/06/20 3:3 p.m.4 views

CVE-2025-50018 WordPress Tealium plugin <= 2.1.17 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tealium Tealium allows Stored XSS. This issue affects Tealium: from n/a through 2.1.17...

5.9CVSS6.9AI score0.00218EPSS
Exploits0References1
CVE
CVE
added 2025/06/20 3:3 p.m.20 views

CVE-2025-50018

CVE-2025-50018 is a stored XSS in the WordPress Tealium plugin, caused by improper input neutralization during web page generation. The vulnerability affects Tealium versions up to 2.1.17 (per CVE records) and could enable attackers to inject scripts that execute in an affected user’s browser. Mi...

5.9CVSS5.9AI score0.00218EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/06/20 12:0 a.m.6 views

WordPress plugin Tealium 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.9CVSS5.8AI score0.00218EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/20 12:0 a.m.7 views

PT-2025-26375 · Tealium · Tealium

Name of the Vulnerable Software and Affected Versions: Tealium versions through 2.1.17 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, allowing Stored XSS. This means that an attacker can inject malicious script...

5.9CVSS6.1AI score0.00218EPSS
Exploits0References4
Patchstack
Patchstack
added 2025/06/19 4:28 p.m.9 views

WordPress Tealium plugin <= 2.1.20 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Tealium versions = 2.1.20...

5.9CVSS6AI score0.00218EPSS
Exploits0Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/05/26 6:11 a.m.3 views

Malicious code in angular-tealium (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a0c32462ecdeacbbbfee96fd4f6e31ce41d373f68b0ebb3ec17667e26a9ee66d Any computer that has this package installed or running should be considered...

6.8AI score
Exploits0References3
OSV
OSV
added 2025/05/26 6:11 a.m.5 views

MAL-2025-4550 Malicious code in angular-tealium (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a0c32462ecdeacbbbfee96fd4f6e31ce41d373f68b0ebb3ec17667e26a9ee66d Any computer that has this package installed or running should be considered...

7AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:2 p.m.3 views

Malicious code in tealium-ui-kit (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
Rows per page
Query Builder