Fluent Support – WordPress Helpdesk And Customer Support Ticket Plugin Security Vulnerabilities

CVE-2024-5350

A vulnerability was found in anji-plus AJ-Report up to 1.4.1. It has been classified as critical. Affected is the function pageList of the file /pageList. The manipulation of the argument p leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the.....

CVE-2024-5350 anji-plus AJ-Report pageList sql injection

A vulnerability was found in anji-plus AJ-Report up to 1.4.1. It has been classified as critical. Affected is the function pageList of the file /pageList. The manipulation of the argument p leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the.....

CVE-2024-5340

A vulnerability was found in Ruijie RG-UAC up to 20240516. It has been rated as critical. Affected by this issue is some unknown functionality of the file /view/vpn/autovpn/sub_commit.php. The manipulation of the argument key leads to os command injection. The attack may be launched remotely. The.....

CVE-2024-5340 Ruijie RG-UAC sub_commit.php os command injection

A vulnerability was found in Ruijie RG-UAC up to 20240516. It has been rated as critical. Affected by this issue is some unknown functionality of the file /view/vpn/autovpn/sub_commit.php. The manipulation of the argument key leads to os command injection. The attack may be launched remotely. The.....

CVE-2023-45289 vulnerabilities

Vulnerabilities for packages: capslock, doppler-kubernetes-operator, prometheus-beat-exporter, skaffold, crossplane-provider-azure, nerdctl, vexctl, docker-credential-gcr, gomplate, k8sgpt, kine, yam, memcached-exporter, cue, cadvisor, helm-operator, opentofu, loki,...

GHSA-VVPX-J8F3-3W6H vulnerabilities

Vulnerabilities for packages: hey, gke-gcloud-auth-plugin, restic, k3d, falco, wireguard-go, dynamic-localpv-provisioner, go,...

CVE-2023-44487 vulnerabilities

Vulnerabilities for packages: skaffold, gomplate, memcached-exporter, flux-kustomize-controller, cue, aactl, opentofu, secrets-store-csi-driver-provider-gcp, ko, kaf, metrics-server, terraform-provider-aws, metacontroller, coredns, prometheus-elasticsearch-exporter, terraform-provider-azurerm,...

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: prometheus-nats-exporter, capslock, doppler-kubernetes-operator, jaeger-agent, prometheus-beat-exporter, crossplane-provider-azure, nerdctl, skaffold, spire-server, vexctl, gomplate, k8sgpt, kine, tekton-chains, memcached-exporter, melange, cadvisor, aactl,...

CVE-2024-21626 vulnerabilities

Vulnerabilities for packages: ctop, nvidia-device-plugin, k9s, skaffold, ingress-nginx-controller, nerdctl, docker, newrelic-infrastructure-agent, datadog-agent, cadvisor, buildkitd, k3s, skopeo, k3d, kubernetes, syft, zot, kots, grype, zarf, kubescape, runc, telegraf, kaniko, wolfictl,...

CVE-2023-45288 vulnerabilities

Vulnerabilities for packages: prometheus-nats-exporter, bincapz, opentofu, ko, regclient, k3d, coredns, gptscript, src-fingerprint, kubeadm-bootstrap-controller, go-md2man, ollama, grafana, shfmt, nri-mssql, gitlab-kas, certificate-transparency, nri-mysql, harbor-scanner-trivy, argo-cd, helm,...

GHSA-5FQ7-4MXC-535H vulnerabilities

Vulnerabilities for packages: prometheus-nats-exporter, capslock, prometheus-beat-exporter, jaeger-agent, skaffold, crossplane-provider-azure, docker-credential-gcr, gomplate, k8sgpt, tekton-chains, croc, melange, flux-kustomize-controller, cue, cadvisor, aactl, helm-operator, loki,...

CVE-2024-24787 vulnerabilities

Vulnerabilities for packages: prometheus-nats-exporter, capslock, prometheus-beat-exporter, jaeger-agent, skaffold, crossplane-provider-azure, docker-credential-gcr, gomplate, k8sgpt, tekton-chains, croc, melange, flux-kustomize-controller, cue, cadvisor, aactl, helm-operator, loki,...

CVE-2023-45285 vulnerabilities

Vulnerabilities for packages: ctop, nri-discovery-kubernetes, aws-flb-cloudwatch, sops, mage, vertical-pod-autoscaler, flannel-cni-plugin, docker-credential-ecr-login, configmap-reload, goreleaser, falco, scorecard, prometheus-stackdriver-exporter, protoc-gen-go-grpc, cass-operator, dgraph,...

CVE-2022-41723 vulnerabilities

Vulnerabilities for packages: hey, gke-gcloud-auth-plugin, restic, k3d, falco, wireguard-go, dynamic-localpv-provisioner, go,...

CVE-2023-3978 vulnerabilities

Vulnerabilities for packages: skaffold, crossplane-provider-azure, gomplate, k8sgpt, memcached-exporter, flux-kustomize-controller, cue, aactl, opentofu, secrets-store-csi-driver-provider-gcp, kaf, k3d, metrics-server, prometheus-alertmanager, metacontroller, coredns,...

CVE-2024-24786 vulnerabilities

Vulnerabilities for packages: prometheus-nats-exporter, capslock, doppler-kubernetes-operator, jaeger-agent, prometheus-beat-exporter, crossplane-provider-azure, nerdctl, skaffold, spire-server, vexctl, gomplate, k8sgpt, kine, tekton-chains, memcached-exporter, melange, cadvisor, aactl,...

GHSA-RR6R-CFGF-GC6H vulnerabilities

Vulnerabilities for packages: capslock, doppler-kubernetes-operator, prometheus-beat-exporter, skaffold, crossplane-provider-azure, nerdctl, vexctl, docker-credential-gcr, gomplate, k8sgpt, kine, yam, memcached-exporter, cue, cadvisor, helm-operator, opentofu, loki,...

CVE-2024-24784 vulnerabilities

Vulnerabilities for packages: capslock, doppler-kubernetes-operator, prometheus-beat-exporter, skaffold, crossplane-provider-azure, nerdctl, vexctl, docker-credential-gcr, gomplate, k8sgpt, kine, yam, memcached-exporter, cue, cadvisor, helm-operator, opentofu, loki,...

GHSA-4V7X-PQXF-CX7M vulnerabilities

Vulnerabilities for packages: prometheus-nats-exporter, bincapz, opentofu, ko, regclient, k3d, coredns, gptscript, src-fingerprint, kubeadm-bootstrap-controller, go-md2man, ollama, grafana, shfmt, nri-mssql, gitlab-kas, certificate-transparency, nri-mysql, harbor-scanner-trivy, argo-cd, helm,...

GHSA-2JWV-JMQ4-4J3R vulnerabilities

Vulnerabilities for packages: prometheus-nats-exporter, capslock, prometheus-beat-exporter, jaeger-agent, skaffold, crossplane-provider-azure, docker-credential-gcr, gomplate, k8sgpt, tekton-chains, croc, melange, flux-kustomize-controller, cue, cadvisor, aactl, helm-operator, loki,...

CVE-2023-39325 vulnerabilities

Vulnerabilities for packages: skaffold, crossplane-provider-azure, gomplate, k8sgpt, tekton-chains, memcached-exporter, flux-kustomize-controller, cue, aactl, opentofu, secrets-store-csi-driver-provider-gcp, kaf, k3d, metrics-server, prometheus-alertmanager, metacontroller, coredns,...

GHSA-3Q2C-PVP5-3CQP vulnerabilities

Vulnerabilities for packages: capslock, doppler-kubernetes-operator, prometheus-beat-exporter, skaffold, crossplane-provider-azure, nerdctl, vexctl, docker-credential-gcr, gomplate, k8sgpt, kine, yam, memcached-exporter, cue, cadvisor, helm-operator, opentofu, loki,...

GHSA-FGQ5-Q76C-GX78 vulnerabilities

Vulnerabilities for packages: capslock, doppler-kubernetes-operator, prometheus-beat-exporter, skaffold, crossplane-provider-azure, nerdctl, vexctl, docker-credential-gcr, gomplate, k8sgpt, kine, yam, memcached-exporter, cue, cadvisor, helm-operator, opentofu, loki,...

GHSA-J6M3-GC37-6R6Q vulnerabilities

Vulnerabilities for packages: capslock, doppler-kubernetes-operator, prometheus-beat-exporter, skaffold, crossplane-provider-azure, nerdctl, vexctl, docker-credential-gcr, gomplate, k8sgpt, kine, yam, memcached-exporter, cue, cadvisor, helm-operator, opentofu, loki,...

GHSA-9F76-WG39-X86H vulnerabilities

Vulnerabilities for packages: ctop, nri-discovery-kubernetes, aws-flb-cloudwatch, sops, mage, vertical-pod-autoscaler, flannel-cni-plugin, docker-credential-ecr-login, configmap-reload, goreleaser, falco, scorecard, prometheus-stackdriver-exporter, protoc-gen-go-grpc, cass-operator, dgraph,...

CVE-2023-39326 vulnerabilities

Vulnerabilities for packages: ctop, nri-discovery-kubernetes, aws-flb-cloudwatch, sops, mage, vertical-pod-autoscaler, flannel-cni-plugin, docker-credential-ecr-login, configmap-reload, goreleaser, falco, scorecard, prometheus-stackdriver-exporter, protoc-gen-go-grpc, cass-operator, dgraph,...

GHSA-5F94-VHJQ-RPG8 vulnerabilities

Vulnerabilities for packages: ctop, nri-discovery-kubernetes, aws-flb-cloudwatch, sops, mage, vertical-pod-autoscaler, flannel-cni-plugin, docker-credential-ecr-login, configmap-reload, goreleaser, falco, scorecard, prometheus-stackdriver-exporter, protoc-gen-go-grpc, cass-operator, dgraph,...

GHSA-4374-P667-P6C8 vulnerabilities

Vulnerabilities for packages: skaffold, crossplane-provider-azure, gomplate, k8sgpt, tekton-chains, memcached-exporter, flux-kustomize-controller, cue, aactl, opentofu, secrets-store-csi-driver-provider-gcp, kaf, k3d, metrics-server, prometheus-alertmanager, metacontroller, coredns,...

GHSA-2WRH-6PVC-2JM9 vulnerabilities

Vulnerabilities for packages: skaffold, crossplane-provider-azure, gomplate, k8sgpt, memcached-exporter, flux-kustomize-controller, cue, aactl, opentofu, secrets-store-csi-driver-provider-gcp, kaf, k3d, metrics-server, prometheus-alertmanager, metacontroller, coredns,...

GHSA-QPPJ-FM5R-HXR3 vulnerabilities

Vulnerabilities for packages: skaffold, gomplate, memcached-exporter, flux-kustomize-controller, cue, aactl, opentofu, secrets-store-csi-driver-provider-gcp, ko, kaf, metrics-server, terraform-provider-aws, metacontroller, coredns, prometheus-elasticsearch-exporter, terraform-provider-azurerm,...

GHSA-M425-MQ94-257G vulnerabilities

Vulnerabilities for packages: nvidia-device-plugin, external-dns, kubevela, tctl, terraform, minio, goreleaser, falco, spark-operator, scorecard, prometheus-stackdriver-exporter, dynamic-localpv-provisioner, flux-kustomize-controller, gitlab-pages, kubernetes-csi-node-driver-registrar, dgraph,...

GHSA-32CH-6X54-Q4H9 vulnerabilities

Vulnerabilities for packages: capslock, doppler-kubernetes-operator, prometheus-beat-exporter, skaffold, crossplane-provider-azure, nerdctl, vexctl, docker-credential-gcr, gomplate, k8sgpt, kine, yam, memcached-exporter, cue, cadvisor, helm-operator, opentofu, loki,...

CVE-2024-24783 vulnerabilities

Vulnerabilities for packages: capslock, doppler-kubernetes-operator, prometheus-beat-exporter, skaffold, crossplane-provider-azure, nerdctl, vexctl, docker-credential-gcr, gomplate, k8sgpt, kine, yam, memcached-exporter, cue, cadvisor, helm-operator, opentofu, loki,...

CVE-2024-24785 vulnerabilities

Vulnerabilities for packages: capslock, doppler-kubernetes-operator, prometheus-beat-exporter, skaffold, crossplane-provider-azure, nerdctl, vexctl, docker-credential-gcr, gomplate, k8sgpt, kine, yam, memcached-exporter, cue, cadvisor, helm-operator, opentofu, loki,...

CVE-2024-24788 vulnerabilities

Vulnerabilities for packages: prometheus-nats-exporter, capslock, prometheus-beat-exporter, jaeger-agent, skaffold, crossplane-provider-azure, docker-credential-gcr, gomplate, k8sgpt, tekton-chains, croc, melange, flux-kustomize-controller, cue, cadvisor, aactl, helm-operator, loki,...

CVE-2023-45290 vulnerabilities

Vulnerabilities for packages: capslock, doppler-kubernetes-operator, prometheus-beat-exporter, skaffold, crossplane-provider-azure, nerdctl, vexctl, docker-credential-gcr, gomplate, k8sgpt, kine, yam, memcached-exporter, cue, cadvisor, helm-operator, opentofu, loki,...

GHSA-XR7R-F8XQ-VFVV vulnerabilities

Vulnerabilities for packages: ctop, nvidia-device-plugin, k9s, skaffold, ingress-nginx-controller, nerdctl, docker, newrelic-infrastructure-agent, datadog-agent, cadvisor, buildkitd, k3s, skopeo, k3d, kubernetes, syft, zot, kots, grype, zarf, kubescape, runc, telegraf, kaniko, wolfictl,...

siteimpulse.com Cross Site Scripting vulnerability OBB-3930448

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

Exploit for Vulnerability in Reportlab

CVE-2023-33733-POC Disclamer I did not, nor do I take...

app10.infarmed.pt Cross Site Scripting vulnerability OBB-3930447

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-5339

A vulnerability was found in Ruijie RG-UAC up to 20240516. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /view/vpn/autovpn/online_check.php. The manipulation of the argument peernode leads to os command injection. The attack can be...

deproeftafel.nl Cross Site Scripting vulnerability OBB-3930443

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

afashionableflowerboutique.com Cross Site Scripting vulnerability OBB-3930441

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

selbsterfahrung.at Cross Site Scripting vulnerability OBB-3930437

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

raykolgroup.com Cross Site Scripting vulnerability OBB-3930436

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

CVE-2024-5339 Ruijie RG-UAC online_check.php os command injection

A vulnerability was found in Ruijie RG-UAC up to 20240516. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /view/vpn/autovpn/online_check.php. The manipulation of the argument peernode leads to os command injection. The attack can be...

lustigjewelers.com Cross Site Scripting vulnerability OBB-3930434

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

lakeontariorealty.com Cross Site Scripting vulnerability OBB-3930433

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

carkala.com Cross Site Scripting vulnerability OBB-3930430

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

apartmentsbulgaria.bg Cross Site Scripting vulnerability OBB-3930428

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...