tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_mpls in common/get.c.

Cross-site scripting (XSS) vulnerability in search.pl in Dansie Search Engine 2.7 allows remote attackers to inject arbitrary web script or HTML via the keywords parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled Magnific Popups library (version 1.1.0) in various versions due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. NOTE: This vulnerability was fixed in the upstream library (Magnific Popups version 1.2.0) by disabling the loading of HTML within certain fields by default.

Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

Multiple Cross Site Scripting (XSS) vulnerabilities exists in PHPGurukul Shopping v3.1 via the (1) callback parameter in (a) server_side/scripts/id_jsonp.php, (b) server_side/scripts/jsonp.php, and (c) scripts/objects_jsonp.php, the (2) value parameter in examples_support/editable_ajax.php, and the (3) PHP_SELF parameter in captcha/index.php.

In GPAC 2.1-DEV-rev87-g053aae8-master, function BS_ReadByte() in utils/bitstream.c has a failed assertion, which causes a Denial of Service. This vulnerability was fixed in commit 9ea93a2.

Cross-site scripting (XSS) vulnerability in Jupiter Content Manager 1.1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a Javascript URI in the image BBcode tag.

There is a Segmentation fault in the XmpParser::terminate() function in Exiv2 0.26, related to an exit call. A Crafted input will lead to a remote denial of service attack.

An Unrestricted File Upload vulnerability in CodeAstro Membership Management System in PHP v.1.0 allows a remote attacker to execute arbitrary code via upload of a crafted php file in the settings.php component.

USVN (aka User-friendly SVN) before 1.0.9 allows remote code execution via shell metacharacters in the number_start or number_end parameter to LastHundredRequest (aka lasthundredrequestAction) in the Timeline module. NOTE: this may overlap CVE-2020-25069.

A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.

Cross Site Request Forgery (CSRF) vulnerability in Form Tools 3.1.1 allows attackers to manipulate sensitive user data via crafted link.

Reflected Cross-Site Scripting (XSS) in zenml

In (TBD) of (TBD), there is a possible way to corrupt kernel memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-220738351References: Upstream kernel

Chrome PHP is missing encoding in `CssSelector`

ASDA-Soft: Version 5.4.1.0 and prior does not properly sanitize input while processing a specific project file, allowing a possible out-of-bounds write condition.

Improper input validation vulnerability in TIGERF trustlet prior to SMR Apr-2023 Release 1 allows local attackers to access protected data.

Missing Authorization vulnerability in ValvePress Rankie allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Rankie: from n/a through 1.8.0.

The Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager plugin for WordPress is vulnerable to Unauthorized Arbitrary Media Replacement in all versions up to, and including, 3.1.5. This is due to missing object-level authorization checks in the handle_folders_file_upload() function. This makes it possible for authenticated attackers, with Author-level access and above, to replace arbitrary media files from the WordPress Media Library.

steghide 0.5.1 relies on a certain 32-bit seed value, which makes it easier for attackers to detect hidden data.