Lucene search
K

8 matches found

SUSE Linux
SUSE Linux
added 5 days ago4 views

Security update 5.1.4 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Security issue fixed: CVE-2022-21698: Fixed prometheus/clientgolang possible denial of service using InstrumentHandlerCounter bsc1248699 golang-github-lusitaniae-apacheexporter: Non customer facing changes...

7.5CVSS7AI score0.91969EPSS
Exploits3References40
SUSE Linux
SUSE Linux
added 5 days ago4 views

Security update 5.1.4 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Security issue fixed: CVE-2022-21698: Fixed prometheus/clientgolang possible denial of service using InstrumentHandlerCounter bsc1248699 golang-github-lusitaniae-apacheexporter: Non customer facing changes...

7.5CVSS7AI score0.91969EPSS
Exploits3References64
SUSE Linux
SUSE Linux
added 5 days ago4 views

Security update 5.1.4 for Multi-Linux Manager Client Tools

This update fixes the following issues: golang-github-QubitProducts-exporterexporter: Security issue fixed: CVE-2022-21698: Fixed prometheus/clientgolang possible denial of service using InstrumentHandlerCounter bsc1248699 golang-github-lusitaniae-apacheexporter: Non customer facing changes...

7.5CVSS7AI score0.91969EPSS
Exploits3References64
WPVulnDB
WPVulnDB
added 2024/05/23 12:0 a.m.27 views

Hash Form – Drag & Drop Form Builder < 1.1.1 - Unauthenticated Arbitrary File Upload to Remote Code Execution

Description The Hash Form – Drag & Drop Form Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fileuploadaction' function in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to upload...

9.8CVSS8AI score0.50934EPSS
Exploits8References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.29 views

Drag and Drop Multiple File Upload – Contact Form 7 < 1.3.7.8 - Sensitive Information Exposure

Description The Drag and Drop Multiple File Upload – Contact Form 7 plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.7.7 via the '/wp-content/uploads/wpdndcf7uploads/wpcf7-files' directory. This makes it possible for unauthenticated...

5.3CVSS6.7AI score0.0065EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/11/24 12:0 a.m.20 views

Drag and Drop Multiple File Upload - Contact Form 7 < 1.3.7.4 - Unauthenticated Arbitrary File Upload

Description The Drag and Drop Multiple File Upload - Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'dnduploadcf7upload' function in versions up to, and including, 1.3.7.3. This makes it possible for unauthenticated...

9.8CVSS8.3AI score0.01793EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2023/10/16 12:0 a.m.9 views

Awesome Support < 6.1.5 - Submitter+ Arbitrary File Deletion

Description The plugin does not sanitize file paths when deleting temporary attachment files, allowing a ticket submitter to delete arbitrary files on the server. PoC 1. Visit Tickets Settings File Upload 2. Ensure "Enable File Upload", "Enable drag-n-drop uploader for ticket form", and "Check...

8.1CVSS6.3AI score0.0066EPSS
Exploits2Affected Software1
WPVulnDB
WPVulnDB
added 2023/09/21 12:0 a.m.16 views

Drag and Drop Multiple File Upload < 1.1.1 - Unauthenticated Stored Cross-Site Scripting

Description The plugin does not filter all potentially dangerous file extensions. Therefore, an attacker can upload unsafe .shtml or .svg files containing malicious scripts. PoC Using malicious SVG files: Go to a product page that features the file upload form, and paste the following in your...

5.4CVSS5.5AI score0.00395EPSS
Exploits2Affected Software1
Rows per page
Query Builder