8 matches found
PT-2024-12951 · Alphabpo · Alphabpo Easy Newsletter Signups
Name of the Vulnerable Software and Affected Versions: AlphaBPO Easy Newsletter Signups versions 1.0.0 through 1.0.4 Description: The issue is related to missing authorization, allowing exploitation of incorrectly configured access control security levels. This is a broken access control issue th...
PT-2024-36168 · WordPress · Best Wp Developer Advanced Blog Post Block
Name of the Vulnerable Software and Affected Versions: Best Wp Developer Advanced Blog Post Block versions 1.0.0 through 1.0.4 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS attacks...
PT-2024-35049 · Unknown · Huy Le Multiple Votes
Name of the Vulnerable Software and Affected Versions: Huy Le Multiple Votes in one page versions 1.0.0 through 1.0.4 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...
CVE-2020-4292
IBM Security Information Queue ISIQ 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 uses a cross-domain policy file that includes domains that should not be trusted which could disclose sensitive information. IBM X-Force ID: 176335...
athena-beta (>=1.0.0 <=2.0.4), athena-html (>=1.2.10 <=2.0.0-alpha.8) +8 more potentially affected by unknown CVE via concat-with-sourcemaps (>=1.0.0 <=1.0.4)
concat-with-sourcemaps NPM version =1.0.0, =1.0.0, =1.2.10, =1.0.0, =1.0.1, =0.0.2, =0.3.0, =1.0.0, =1.0.8 - peachhtmlproduction =1.0.0 Source cves: unknown CVE Source advisory: OSV:GHSA-2XV3-H762-CCXV...
Design/Logic Flaw
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for mcabber 1.0.0 - 1.0.4...
CVE-2017-5604
An incorrect implementation of "XEP-0280: Message Carbons" in multiple XMPP clients allows a remote attacker to impersonate any user, including contacts, in the vulnerable application's display. This allows for various kinds of social engineering attacks. This CVE is for mcabber 1.0.0 - 1.0.4...
CVE-2017-5604
Technical details for CVE-2017-5604 are not provided in the connected documents. No affected products, root cause, impact, or fixes are specified here. Monitor for updates.