CVE-2026-28050 WordPress Beacon theme <= 2.24 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Beacon beacon allows PHP Local File Inclusion.This issue affects Beacon: from n/a through = 2.24...

WordPress plugin Beacon 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

EUVD-2020-9308

Malware in sbrugna...

EUVD-2018-1355

Malware in sbrugna...

CVE-2025-58651 WordPress PlayerJS Plugin <= 2.24 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PlayerJS PlayerJS playerjs allows DOM-Based XSS.This issue affects PlayerJS: from n/a through = 2.24...

CVE-2024-45845

...

WordPress AJAX Login and Registration modal popup + inline form Plugin <= 2.23 is vulnerable to Cross Site Scripting (XSS)

Software AJAX Login and Registration modal popup + inline form Type Plugin Vulnerable versions = 2.23 Fixed in 2.24 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-33918 Patch priority Medium CVSS severity Medium 5.9 Developer Claim ownership PSID ea1aeec00d87...

ARM mbed TLS 缓冲区错误漏洞

ARM mbed TLS is a product from ARM UK that provides secure communication and encryption for mbed products. a security vulnerability exists in versions prior to Arm Mbed TLS 2.24.0, which stems from the program having a buffer that reads data excessively. No details of the vulnerability are...

CVE-2020-14518

Philips DreamMapper, Version 2.24 and prior. Information written to log files can give guidance to a potential attacker...

QQQ SYSTEMS OS Command Injection Vulnerability

QQQ SYSTEMS is a set of CGI scripts for creating quiz pages. A security vulnerability exists in QQQ SYSTEMS version 2.24. An attacker can exploit this vulnerability to execute arbitrary commands...

QQQ SYSTEMS cross-site scripting vulnerability (CNVD-2018-07697)

QQQ SYSTEMS is a set of CGI scripts for creating quiz pages. A cross-site scripting vulnerability exists in QQQ SYSTEMS version 2.24. A remote attacker can exploit this vulnerability to inject arbitrary web scripts via the quizop.cgi file...

CVE-2018-0538

Cross-site scripting vulnerability in QQQ SYSTEMS ver2.24 allows an attacker to inject arbitrary web script or HTML via unspecified vectors...

Cross site scripting

Cross-site scripting vulnerability in QQQ SYSTEMS ver2.24 allows an attacker to inject arbitrary web script or HTML via quiz.cgi...

CVE-2018-0539

QQQ SYSTEMS version 2.24 allows an attacker to execute arbitrary commands via unspecified vectors...

JVN#96655441: QQQ SYSTEMS vulnerable to cross-site scripting

QQQ SYSTEMS provided by Gundam Cult QQQ is a CGI script to create quiz pages. quizop.cgi of QQQ SYSTEMS contains a cross-site scripting vulnerability CWE-79. When a user accesses a malicious page and is redirected to a page created with the product, an arbitrary script may be executed on the user...

Routers2 Cross-Site Scripting Vulnerability

Routers2 is a front-end routing tool. A cross-site scripting vulnerability exists in Routers2 version 2.24. A remote attacker can exploit this vulnerability to inject malicious script into a client browser...

CVE-2018-6193

A Cross-Site Scripting XSS vulnerability was found in Routers2 2.24, affecting the 'rtr' GET parameter in a page=graph action to cgi-bin/routers2.pl...

Multiple Command Injection Vulnerabilities in Veil-Evasion RPC

Veil-Evasion is a suite of tools designed specifically for generating kill-free MSFPAYLOAD. A command injection vulnerability exists in Veil-Evasion versions 2.5.2 through 2.24, which can be exploited by an attacker to execute arbitrary commands in an affected application...

SeaMonkey < 2.24 Multiple Vulnerabilities

The installed version of SeaMonkey is earlier than 2.24 and is, therefore, potentially affected by the following vulnerabilities : - Memory issues exist in the browser engine that could result in a denial of service or arbitrary code execution. CVE-2014-1477, CVE-2014-1478 - An error exists relat...

thttpd 2.2x - &#039;defang&#039; Remote Buffer Overflow

// source: https://www.securityfocus.com/bid/8906/info A vulnerability has been reported in thttpd that may allow a remote attacker to execute arbitrary code on vulnerable host. The issue is reported to exist due to a lack of bounds checking by software, leading to a buffer overflow condition. Th...