3269 matches found
Lenovo Vantage Vulnerability - Lenovo Support US
No description provided...
MediaTek Tablet Vulnerabilities January 2026 - Lenovo Support US
No description provided...
CVE-2025-14028
The Contact Us Simple Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wit...
CVE-2025-23885
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in anildhiman MJ Contact us mj-contact-us allows Reflected XSS.This issue affects MJ Contact us: from n/a through = 5.2.3...
CVE-2025-23503
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in osolwordpress Customizable Captcha and Contact Us customizable-captcha-and-contact-us-form allows Reflected XSS.This issue affects Customizable Captcha and Contact Us: from n/a through = 1.0.2...
CVE-2025-14028
The Contact Us Simple Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wit...
CVE-2025-14028 Contact Us Simple Form <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings
The Contact Us Simple Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wit...
CVE-2025-14028
CVE-2025-14028 affects Contact Us Simple Form (WordPress) plugins
WordPress plugin Contact Us Simple Form 跨站脚本漏洞
...
PT-2026-1614
Name of the Vulnerable Software and Affected Versions Contact Us Simple Form plugin for WordPress versions prior to 1.1 Description The Contact Us Simple Form plugin for WordPress is susceptible to Stored Cross-Site Scripting through admin settings. This is due to inadequate input sanitization an...
WordPress Contact Us Simple Form plugin <= 1.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via Plugin Settings vulnerability
Authenticated Administrator+ Stored Cross-Site Scripting via Plugin Settings vulnerability discovered by Bhumividh Treloges in WordPress Plugin Contact Us Simple Form versions = 1.0...
CVE-2025-15073
A vulnerability was determined in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /contactus.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and...
EUVD-2025-205359
A vulnerability was determined in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /contactus.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and...
CVE-2025-15073
A vulnerability was determined in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /contactus.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and...
CVE-2025-15073 itsourcecode Online Frozen Foods Ordering System contact_us.php sql injection
A vulnerability was determined in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /contactus.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and...
CVE-2025-15073 itsourcecode Online Frozen Foods Ordering System contact_us.php sql injection
A vulnerability was determined in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /contactus.php. This manipulation of the argument Name causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and...
itsourcecode Online Frozen Foods Ordering System SQL注入漏洞
itsourcecode Online Frozen Foods Ordering System is itsourcecode open source online frozen food ordering system . A SQL injection vulnerability exists in version 1.0 of itsourcecode Online Frozen Foods Ordering System, which stems from an incorrect manipulation of the parameter Name in the file...
PT-2025-53382
Name of the Vulnerable Software and Affected Versions itsourcecode Online Frozen Foods Ordering System version 1.0 Description A SQL injection issue exists in itsourcecode Online Frozen Foods Ordering System version 1.0. The issue is located in the /contact us.php file. Manipulation of the Name...
CVE-2025-20384
In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2503.6, and 9.3.2411.117.125, an unauthenticated attacker can inject American National Standards Institute ANSI escape codes into Splunk log files due to improper...
CVE-2025-20384
In Splunk Enterprise versions below 10.0.1, 9.4.6, 9.3.8, and 9.2.10, and Splunk Cloud Platform versions below 10.1.2507.4, 10.0.2503.6, and 9.3.2411.117.125, an unauthenticated attacker can inject American National Standards Institute ANSI escape codes into Splunk log files due to improper...