9 matches found
WordPress MyPixs <=0.3 - Local File Inclusion
WordPress MyPixs 0.3 and prior contains a local file inclusion vulnerability. id: CVE-2015-1000012 info: name: WordPress MyPixs =0.4 or apply the vendor-provided patch to fix the LFI vulnerability. reference: - https://wpscan.com/vulnerability/24b83ce5-e3b8-4262-b087-a2dfec014985 -...
CVE-2018-1000012
Jenkins Warnings Plugin 4.64 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks...
CVE-2019-1000012
Hex package manager versions 0.14.0–0.18.2 contain a signing oracle vulnerability in the package registry verification, which can allow package modifications to go undetected and lead to code execution when victims fetch packages from a malicious/compromised mirror. The issue is tied to the regis...
CVE-2018-1000012
Jenkins Warnings Plugin 4.64 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks...
CVE-2018-1000012
Jenkins Warnings Plugin 4.64 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks...
CVE-2018-1000012
The CVE-2018-1000012 entry concerns CloudBees Jenkins Warnings Plugin (versions 4.64 and earlier). The connected documents describe an XML External Entity (XXE) vulnerability in the plugin’s parsing of build-related files, enabling attackers with Jenkins user permissions to read secrets from the ...
CVE-2017-1000012
CVE-2017-1000012 : The connected records confirm a stored cross-site scripting vulnerability in MySQL Dumper version 1.24, triggered when displaying database data to the user. The affected component is the web UI that renders database content, with the root cause described as injection of malicio...
CVE-2015-1000012
Local File Inclusion Vulnerability in mypixs v0.3 wordpress plugin...
CVE-2015-1000012
CVE-2015-1000012 affects WordPress plugins: MyPixs = 0.4) or apply vendor patch. Public references include NVD, WPScan/VulnDB, and Vapidlabs advisories. If exploiting details are present, they are limited to the PoC URL shown; no additional exploit steps are described beyond the LFI concept.