Vulnerabilities

CVE-2026-1151 - technical-laohu mpay User Center cross site scripting

2026-01-19 0 views admin
CVE-2026-1151 - technical-laohu mpay User Center cross site scripting

CVE ID : CVE-2026-1151 Published : Jan. 19, 2026, 11:15 a.m. | 45 minutes ago Description : A weakness has been identified in technical-laohu mpay up to 1.2.4. The affected element is an unknown function of the component User Center. This manipulation of the argument Nickname causes cross site scripting. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

Severity
MEDIUM
Published
Jan. 19, 2026

🏷️ Tags

cvevulnerabilitysecuritycybersecuritycve-2026-1151medium

More from Vulnerabilities

CVE-2026-1157 - Totolink LR350 cstecgi.cgi setWiFiEasyCfg buffer overflow

CVE-2026-1157 - Totolink LR350 cstecgi.cgi setWiFiEasyCfg buffer overflow

2026-01-19 0
CVE-2026-21618 - Cross-site scripting (XSS) in OAuth Device Authorization screen

CVE-2026-21618 - Cross-site scripting (XSS) in OAuth Device Authorization screen

2026-01-19 0
CVE-2026-1159 - itsourcecode Online Frozen Foods Ordering System order_online.php sql injection

CVE-2026-1159 - itsourcecode Online Frozen Foods Ordering System order_online.php sql injection

2026-01-19 0
CVE-2026-1158 - Totolink LR350 POST Request cstecgi.cgi setWizardCfg buffer overflow

CVE-2026-1158 - Totolink LR350 POST Request cstecgi.cgi setWizardCfg buffer overflow

2026-01-19 0

Trending

1

Tech: Go-legacy-winxp: Compile Golang 1.24 code for Windows XP

2026-01-15 • 4457 views
2

Tech: Data is the only moat

2026-01-15 • 4133 views
3

Tech: Pocket TTS: A high quality TTS that gives your CPU a voice

2026-01-15 • 3239 views
4

Tech: AWS European Sovereign Cloud

2026-01-15 • 2741 views
5

Tech: JuiceFS is a distributed POSIX file system built on top of Redis and S3

2026-01-15 • 2719 views