187 matches found
CVE-2024-42481
Skyport Daemon skyportd is the daemon for the Skyport Panel. By making thousands of folders & files easy due to skyport's lack of rate limiting on createFolder. createFile, skyportd in a lot of cases will cause 100% CPU usage and an OOM, probably crashing the system. This is fixed in 0.2.2...
WordPress Graceful Email Obfuscation plugin <= 0.2.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin Graceful Email Obfuscation versions = 0.2.2...
PT-2025-4453 · WordPress · Wp-Tagmaker
Name of the Vulnerable Software and Affected Versions: WP-tagMaker versions 0.2.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for reflected Cross-site Scripting XSS. This enables an attacker to inject malicious scripts...
WordPress plugin WP-tagMaker 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A cross-site...
White-Jotter 代码注入漏洞
White-Jotter is an Antabot personal developer's front-end and back-end separation project using Vue+Spring Boot development, comes with a full set of development tutorials. Antabot White-Jotter 0.2.2 and earlier versions have a code injection vulnerability that originates from the component artic...
PT-2024-17889 · Unknown · Antabot White-Jotter
Name of the Vulnerable Software and Affected Versions: Antabot White-Jotter versions up to 0.2.2 Description: A problematic issue has been found in the Article Editor component, specifically in the /admin/content/editor file, affecting an unknown functionality. The manipulation of the articleCove...
White-Jotter 代码问题漏洞
White-Jotter is a front-end and back-end separation project developed by Antabot personal developer using Vue+Spring Boot, with a full set of development tutorials. A code issue vulnerability exists in White-Jotter 0.2.2 and earlier versions, which stems from the articleCover parameter of the fil...
White-Jotter 安全漏洞
White-Jotter is a front-end and back-end separation project developed by Antabot individual developer using Vue+Spring Boot, with a full set of development tutorials. A security vulnerability exists in White-Jotter version 0.2.2 and earlier, which stems from an incorrect manipulation of the...
Antabot White-Jotter 代码问题漏洞
White-Jotter is a front-end and back-end separation project developed by Antabot individual developers using Vue+Spring Boot, with a full set of development tutorials. A code issue vulnerability exists in Antabot White-Jotter version 0.2.2 and earlier versions. An attacker can exploit this...
PT-2024-17885 · Unknown · Antabot White-Jotter
Name of the Vulnerable Software and Affected Versions: Antabot White-Jotter versions up to 0.2.2 Description: A problematic issue has been found in Antabot White-Jotter, affecting some unknown processing of the file "/login". The manipulation of the argument username leads to observable response...
PT-2024-33564 · Unknown · Brandon White Author Discussion
Name of the Vulnerable Software and Affected Versions: Brandon White Author Discussion versions 0.2.2 and earlier Description: The issue is related to an SQL Injection vulnerability, specifically a Blind SQL Injection, due to the improper neutralization of special elements used in an SQL command...
WordPress plugin Author Discussion SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability...
ReLaXed 跨站脚本漏洞
ReLaXed is a ReLaXed open source application. PDF documents can be created interactively using HTML. A cross-site scripting vulnerability exists in ReLaXed 0.2.2 and earlier versions, which stems from an unknown feature of the component Pug to PDF Converter that causes cross-site scripting...
PT-2024-29978 · Unknown · Skyport Daemon
Name of the Vulnerable Software and Affected Versions: Skyport Daemon versions prior to 0.2.2 Description: The issue is related to the Skyport Daemon skyportd, which is the daemon for the Skyport Panel. It can be exploited by creating thousands of folders and files, taking advantage of the lack o...
CVE-2024-38525 dd-trace-cpp malformed unicode header values may cause crash
dd-trace-cpp is the Datadog distributed tracing for C++. When the library fails to extract trace context due to malformed unicode, it logs the list of audited headers and their values using the nlohmann JSON library. However, due to the way the JSON library is invoked, it throws an uncaught...
PT-2024-28052 · Unknown · Nlohmann/Json +1
Name of the Vulnerable Software and Affected Versions: dd-trace-cpp versions prior to 0.2.2 Description: The issue occurs when the library fails to extract trace context due to malformed unicode. It attempts to log the list of audited headers and their values using the nlohmann JSON library...
[SECURITY] Fedora 39 Update: sudo-rs-0.2.2-3.fc39
A memory safe implementation of sudo and su...
WordPress reCAPTCHA Jetpack plugin <= 0.2.2 - Stored XSS via CSRF vulnerability
Stored XSS via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin reCAPTCHA Jetpack versions = 0.2.2...
WordPress reCAPTCHA Jetpack plugin <= 0.2.2 - Settings Update via CSRF vulnerability
Settings Update via CSRF vulnerability discovered by Bob Matyas in WordPress Plugin reCAPTCHA Jetpack versions = 0.2.2...
WordPress reCAPTCHA Jetpack Plugin <= 0.2.2 is vulnerable to Cross Site Request Forgery (CSRF)
Software reCAPTCHA Jetpack Type Plugin Vulnerable versions = 0.2.2 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-3940 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID cb69d1ca95bb Credits Bob Matyas Required...