9 matches found
CVE-2026-1243 IBM Content Navigator is affected by , a Cross-Site Scripting (XSS) vulnerability
IBM Content Navigator 3.0.15, 3.1.0, and 3.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
PT-2026-29656
IBM Content Navigator 3.0.15, 3.1.0, and 3.2.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
CVE-2026-23795
CVE-2026-23795 describes an XML External Entity (XXE) vulnerability in the Apache Syncope Console. An administrator with sufficient entitlements to create or edit Keymaster parameters can craft malicious XML text to trigger XXE, potentially leaking sensitive data. Affected versions: Apache Syncop...
EUVD-2025-34214
IBM Content Navigator 3.0.11, 3.0.15, 3.1.0, and 3.2.0 could expose the directory listing of the application upon using an application URL. Application files and folders are visible in the browser to a user; however, the contents of the files cannot be read obtained or modified...
WordPress Jenga Payment Gateway for WooCommerce plugin <= 3.0.15 - SQL Injection vulnerability
SQL Injection vulnerability discovered by 0se1do in WordPress Plugin Jenga Payment Gateway for WooCommerce versions = 3.0.15...
CVE-2024-56341
IBM Content Navigator 3.0.11, 3.0.15, and 3.1.0 is vulnerable to cross-site scripting. This vulnerability allows an authenticated user to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...
PT-2024-35035 ยท Unknown ยท Imforza Wp Listings Pro
Name of the Vulnerable Software and Affected Versions: imFORZA WP Listings Pro versions prior to 3.0.15 Description: The issue is related to improper neutralization of input during web page generation, which leads to a Cross-site Scripting XSS vulnerability, specifically Stored XSS. This allows...
BaserCMS Cross-Site Scripting Vulnerability (CNVD-2018-15279)
baserCMS is an enterprise-level content management system CMS. A cross-site scripting vulnerability exists in baserCMS versions 4.1.0.1 and earlier and 3.0.15 and earlier. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...
FreeRADIUS 'make_secret()' Letter Denial of Service Vulnerability
FreeRADIUS is a set of software that implements the RADIUS protocol from the FreeRADIUS Server project. The software is mainly used for account authentication management, bookkeeping management and Internet account management, etc. and contains a Radius server, a client library for BSD protocol...