23 matches found
EUVD-2023-31353
Malicious code in bioql PyPI...
CVE-2023-27616
Unauth. Stored Cross-Site Scripting XSS vulnerability in David F. Carr RSVPMaker plugin = 10.6.6 versions...
WordPress WP eMember plugin < 10.6.6 - Admin+ Arbitrary File Upload vulnerability
Admin+ Arbitrary File Upload vulnerability discovered by Bob Matyas in WordPress Plugin WP eMember versions 10.6.6...
WordPress WP eMember plugin < 10.6.6 - Reflected XSS vulnerability
Reflected XSS vulnerability discovered by kauenavarro in WordPress Plugin WP eMember versions 10.6.6...
WordPress plugin wp-eMember security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability in...
PT-2024-34406 · WordPress · Wp-Emember
Name of the Vulnerable Software and Affected Versions: wp-eMember WordPress plugin versions prior to 10.6.6 Description: The issue concerns the lack of CSRF checks in certain areas, potentially allowing attackers to trick logged-in users into performing unintended actions through CSRF attacks...
WordPress plugin wp-eMember security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin wp-eMember security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
WordPress plugin wp-eMember security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
CVE-2023-25054 WordPress RSVPMarker Plugin <= 10.6.6 is vulnerable to Remote Code Execution (RCE)
Improper Control of Generation of Code 'Code Injection' vulnerability in David F. Carr RSVPMaker. This issue affects RSVPMaker: from n/a through 10.6.6...
PT-2023-19900 · Rsvpmaker · Rsvpmaker
Name of the Vulnerable Software and Affected Versions: RSVPMaker versions n/a through 10.6.6 Description: The issue is related to an Improper Control of Generation of Code 'Code Injection' vulnerability. This vulnerability affects the generation of code, potentially allowing for code injection...
CVE-2023-41652
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in David F. Carr RSVPMaker rsvpmaker allows SQL Injection. This issue affects RSVPMaker: from n/a through 10.6.6...
PT-2023-28024 · Rsvpmaker · Rsvpmaker
Name of the Vulnerable Software and Affected Versions: RSVPMaker versions through 10.6.6 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations: For...
WordPress RSVPMarker Plugin <= 10.6.6 is vulnerable to Remote Code Execution (RCE)
Software RSVPMarker Type Plugin Vulnerable versions = 10.6.6 Fixed in 10.6.7 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2023-25054 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 8f0ff34720aa Credits Ravi Dharmawan Required privilege...
MariaDB Multiple Vulnerabilities (Feb 2022) - Windows
MariaDB is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mariadb:mariadb"; if description...
Symantec Messaging Gateway 10.x < 10.6.6 Multiple Vulnerabilities (SYMSA1461)
According to its self-reported version number, the Symantec Messaging Gateway SMG running on the remote host is 10.x prior to 10.6.6. It is, therefore, affected by multiple vulnerabilities as described in the vendor advisory. Note that Nessus has not tested for these issues but has instead relied...
Xxe
The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to a XML external entity XXE exploit, which is a type of issue where XML input containing a reference to an external entity is processed by a weakly configured XML parser. The attack uses file URI schemes or relative paths ...
CVE-2018-12243
The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to a XML external entity XXE exploit, which is a type of issue where XML input containing a reference to an external entity is processed by a weakly configured XML parser. The attack uses file URI schemes or relative paths ...
Apple Mac OS X FlashPix File CVE-2011-3222 Buffer Overflow Vulnerability
Bugtraq ID: 50100 CVE ID: CVE-2011-3222 Apple Mac OS X is the operating system released by Apple. QuickTime has a buffer overflow when processing FlashPix files; a specially crafted FlashPix file can cause unexpected application termination or arbitrary code execution. Apple Mac OS X Server 10.6.6 Apple Mac OS X Server 10.6.5 Apple Mac OS X Server 10.6.5 Apple Mac OS X Server 10.6.4 Apple Mac OS X Server 10.6.3 Apple Mac OS X Serve...
Apple Mac OS X PackageKit Format String Vulnerability
This host is missing an important security update according to Mac OS X 10.6.6 Update. OpenVAS Vulnerability Test $Id: secpodmacosxpackagekitformatstringvuln.nasl 7019 2017-08-29 11:51:27Z teissa $ Apple Mac OS X PackageKit Format String Vulnerability Authors: Madhuri D Copyright: Copyright c 201...