Exploit for CVE-2024-51482

CVE-2024-51482-PoC Authenticated time-based blind SQL injecti...

EUVD-2022-44938

Malicious code in bioql PyPI...

CVE-2025-31903

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Xavi Ivars XV Random Quotes xv-random-quotes allows Reflected XSS.This issue affects XV Random Quotes: from n/a through = 2.0.0...

WordPress plugin XV Random Quotes 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

CVE-2022-41766

An issue was discovered in MediaWiki before 1.35.8, 1.36.x and 1.37.x before 1.37.5, and 1.38.x before 1.38.3. Upon an action=rollback operation, the alreadyrolled message can leak a user name when the user has been revision deleted/suppressed...

CVE-2023-29791

kodbox = 1.37 is vulnerable to Cross Site Scripting XSS via the debug information...

UBUNTU-CVE-2023-22496

Netdata is an open source option for real-time infrastructure monitoring and troubleshooting. An attacker with the ability to establish a streaming connection can execute arbitrary commands on the targeted Netdata agent. When an alert is triggered, the function healthalarmexecute is called. This...

MediaWiki 1.37.x - 1.38.x DoS Vulnerability - Windows

MediaWiki is prone to a denial of service DoS vulnerability. This VT has been deprecated since the vulnerability is in an extension and not in MediaWiki itself. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by th...

PT-2022-12581 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions prior to 1.35.5 MediaWiki versions 1.36.x prior to 1.36.3 MediaWiki versions 1.37.x prior to 1.37.1 Description: An issue was discovered in MediaWiki that allows CSRF through MassEditRegex. Recommendations: For MediaWiki...

PT-2021-24244 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions 1.37 and earlier Description: The issue allows for XSS to occur in Wikibase due to an external identifier property having a URL format that includes a $1 formatter substitution marker. This can be exploited using the...

MediaWiki 安全漏洞

MediaWiki is a suite of free and freely available web-based Wiki engines from the MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems. A cross-site scripting vulnerability exists in MediaWiki 1.37 and earlier versions, which can be...

PT-2021-24246 · Mediawiki +1 · Mediawiki +1

Name of the Vulnerable Software and Affected Versions: MediaWiki versions through 1.37 Description: The issue concerns a problem where the Special:ImportFile URI, also known as FileImporter, in MediaWiki allows for cross-site scripting XSS attacks. This is demonstrated through the clientUrl...

CVE-2020-5669

Cross-site scripting vulnerability in Movable Type Movable Type Premium 1.37 and earlier and Movable Type Premium Advanced 1.37 and earlier allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

Cross site scripting

Cross-site scripting vulnerability in Movable Type Movable Type Premium 1.37 and earlier and Movable Type Premium Advanced 1.37 and earlier allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors...

HPE Integrated Lights-Out 5 Security Restriction Bypass Vulnerability

HPE Integrated Lights-Out 5 iLO 5 is a remote control solution. The solution enables remote monitoring and operation and maintenance of IT assets such as servers. A security restriction bypass vulnerability exists in HPE iLO 5 versions prior to 1.37. An attacker could exploit this vulnerability t...

LiquidVPN For macOS elevation of privilege vulnerability (CNVD-2018-22843)

LiquidVPN For MacOS is a VPN software for anonymous access to the Internet based on the MacOS platform. An elevation of privilege vulnerability exists in the 'anycmd' parameter in LiquidVPN For MacOS 1.37 and 1.36 and earlier versions. An attacker can exploit this vulnerability to gain elevated...

LiquidVPN For macOS Operating System Command Injection Vulnerability

LiquidVPN For MacOS is a VPN software for anonymous access to the Internet based on the MacOS platform. An OS command injection vulnerability exists in LiquidVPN For MacOS 1.37 and 1.36 and earlier versions, which stems from the program's failure to filter parameters passed to the 'system'...

CloudBees Jenkins EC2 Plugin Arbitrary Command Execution Vulnerability

CloudBees Jenkins formerly known as Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools , it is mainly used to monitor the continuous software version of the release/testing project and some of the timed execution of the task . An...

SAMSUNG NET-i Viewer 1.37 - Overwrite (SEH)

' Exploit Title: SAMSUNG NET-i viewer ActiveX SEH Overwrite ' Date: April 30 2012 ' Author: Blake ' Software Link: http://www.samsungsecurity.com/product/productview.asp?idx=5828 ' Version: 1.37 ' Tested on: Windows XP SP3 with IE6 running on Virtualbox ' RequestScreenOptimization in...