Show filters
496 Total Results
Displaying 261-270 of 496
Sort by:
Attacker Value
Unknown

CVE-2022-27844

Disclosure Date: April 07, 2022 (last updated February 23, 2025)
Arbitrary File Read vulnerability in WPvivid Team Migration, Backup, Staging – WPvivid (WordPress plugin) versions <= 0.9.70
Attacker Value
Unknown

CVE-2020-20094

Disclosure Date: March 23, 2022 (last updated February 23, 2025)
Instagram iOS 106.0 and prior and Android 107.0.0.11 and prior user interface does not properly represent URI messages to the user, which results in URI spoofing via specially crafted messages
Attacker Value
Unknown

CVE-2021-24994

Disclosure Date: February 28, 2022 (last updated February 23, 2025)
The Migration, Backup, Staging WordPress plugin before 0.9.69 does not have authorisation when adding remote storages, and does not sanitise as well as escape a parameter from such unauthenticated requests before outputting it in admin page, leading to a Stored Cross-Site Scripting issue
Attacker Value
Unknown

CVE-2021-3551

Disclosure Date: February 16, 2022 (last updated February 23, 2025)
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threat from this vulnerability is to confidentiality.
Attacker Value
Unknown

CVE-2022-24926

Disclosure Date: February 11, 2022 (last updated February 23, 2025)
Improper input validation vulnerability in SmartTagPlugin prior to version 1.2.15-6 allows privileged attackers to trigger a XSS on a victim's devices.
Attacker Value
Unknown

CVE-2021-38130

Disclosure Date: February 04, 2022 (last updated October 07, 2023)
A potential Information leakage vulnerability has been identified in versions of Micro Focus Voltage SecureMail Mail Relay prior to 7.3.0.1. The vulnerability could be exploited to create an information leakage attack.
Attacker Value
Unknown

CVE-2021-25035

Disclosure Date: January 24, 2022 (last updated February 23, 2025)
The Backup and Staging by WP Time Capsule WordPress plugin before 1.22.7 does not sanitise and escape the error parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting
Attacker Value
Unknown

CVE-2021-45818

Disclosure Date: December 30, 2021 (last updated February 23, 2025)
SAFARI Montage 8.7.32 is affected by a CRLF injection vulnerability which can lead to HTTP response splitting.
Attacker Value
Unknown

CVE-2021-45425

Disclosure Date: December 28, 2021 (last updated February 23, 2025)
Reflected Cross Site Scripting (XSS) in SAFARI Montage versions 8.3 and 8.5 allows remote attackers to execute JavaScript codes.
Attacker Value
Unknown

CVE-2021-45895

Disclosure Date: December 27, 2021 (last updated February 23, 2025)
Netgen Tags Bundle 3.4.x before 3.4.11 and 4.0.x before 4.0.15 allows XSS in the Tags Admin interface.