Aggregator

CVE-2025-2365 | crmeb_java up to 1.3.4 WeChatMessageController.java webHook xml external entity reference

VulDB Recent Entries
9 months ago
A vulnerability, which was classified as problematic, has been found in crmeb_java up to 1.3.4. Affected by this issue is the function webHook of the file WeChatMessageController.java. The manipulation leads to xml external entity reference. This vulnerability is handled as CVE-2025-2365. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2024-5901 | SiteOrigin Widgets Bundle up to 1.62.2 on WordPress Image Grid Widget cross site scripting

Vuldb Updates
9 months ago
A vulnerability was found in SiteOrigin Widgets Bundle up to 1.62.2 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Image Grid Widget. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-5901. The attack can be launched remotely. There is no exploit available.
vuldb.com

CVE-2024-7284 | SourceCodester Lot Reservation Management System 1.0 ajax.php?action=save_settings about cross site scripting

Vuldb Updates
9 months ago
A vulnerability, which was classified as problematic, was found in SourceCodester Lot Reservation Management System 1.0. This affects an unknown part of the file /admin/ajax.php?action=save_settings. The manipulation of the argument about leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-7284. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2024-7285 | SourceCodester Establishment Billing Management System 1.0 ajax.php?action=save_settings name cross site scripting

Vuldb Updates
9 months ago
A vulnerability has been found in SourceCodester Establishment Billing Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/ajax.php?action=save_settings. The manipulation of the argument name leads to cross site scripting. This vulnerability was named CVE-2024-7285. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2024-39320 | Discourse up to 3.2.4/3.3.0.beta4 Setting allowed_iframes injection

Vuldb Updates
9 months ago
A vulnerability has been found in Discourse up to 3.2.4/3.3.0.beta4 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Setting Handler. The manipulation of the argument allowed_iframes leads to injection. This vulnerability is known as CVE-2024-39320. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-37165 | Discourse up to 3.2.2/3.3.0.beta2 Onebox Data cross site scripting

Vuldb Updates
9 months ago
A vulnerability was found in Discourse up to 3.2.2/3.3.0.beta2. It has been classified as problematic. This affects an unknown part of the component Onebox Data Handler. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-37165. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

脾气

吴鲁加
9 months ago
有一种思考方法,是模拟十年后的自己,可以作为导师跟自己对话

脾气

吴鲁加
9 months ago
有一种思考方法,是模拟十年后的自己,可以作为导师跟自己对话

脾气

吴鲁加
9 months ago
有一种思考方法,是模拟十年后的自己,可以作为导师跟自己对话

脾气

吴鲁加
9 months ago
有一种思考方法,是模拟十年后的自己,可以作为导师跟自己对话

脾气

吴鲁加
9 months ago
有一种思考方法,是模拟十年后的自己,可以作为导师跟自己对话

脾气

吴鲁加
9 months ago
有一种思考方法,是模拟十年后的自己,可以作为导师跟自己对话

Managed ad