JS Help Desk <= 2.8.1 - SQL Injection

The JS Help Desk – Best Help Desk & Support Plugin plugin for WordPress is vulnerable to SQL Injection via the ‘email' and 'trackingid' parameters in all versions up to 2.8.2 exclusive due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing S...

EUVD-2020-1949

Malware in sbrugna...

CVE-2020-0448

In getPhoneAccountsForPackage of TelecomServiceImpl.java, there is a possible way to access a tracking identifier due to a missing permission check. This could lead to local information disclosure of the identifier, which could be used to track an account across devices, with no additional...

CVE-2009-3093

Unspecified vulnerability on the ASUS WL-500W wireless router has unknown impact and remote attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a...

GHSA-889J-63JV-QHR8

creationtimestamp| type| source ---|---|--- 2025-05-08 18:24:21+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/15578 2025-05-08 19:14:40+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114473807351732745 2025-05-08 20:30:52+00:00| seen|...

SUSE CVE-2008-2786

Buffer overflow in Firefox 3.0 and 2.0.x has unknown impact and attack vectors. NOTE: due to lack of details as of 20080619, it is not clear whether this is the same issue as CVE-2008-2785. A CVE identifier has been assigned for tracking purposes...

CVE-2020-0448

In getPhoneAccountsForPackage of TelecomServiceImpl.java, there is a possible way to access a tracking identifier due to a missing permission check. This could lead to local information disclosure of the identifier, which could be used to track an account across devices, with no additional...

CVE-2020-0448

In getPhoneAccountsForPackage of TelecomServiceImpl.java, there is a possible way to access a tracking identifier due to a missing permission check. This could lead to local information disclosure of the identifier, which could be used to track an account across devices, with no additional...

CVE-2020-0448

In getPhoneAccountsForPackage of TelecomServiceImpl.java, there is a possible way to access a tracking identifier due to a missing permission check. This could lead to local information disclosure of the identifier, which could be used to track an account across devices, with no additional...

HP Intelligent Management Center 5.1 E0202 Cross Site Scripting

Inshell Security Advisory http://www.inshell.net 1. ADVISORY INFORMATION ----------------------- Product: HP Intelligent Management Center Vendor URL: www.hp.com Type: Cross-Site Scripting CWE-79 Date found: 2012-06-08 Date published: 2013-03-04 CVSSv2 Score: CWE-79: 3,5 AV:N/AC:M/Au:S/C:N/I:P/A:...