14 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-10104
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In several JetBrains IntelliJ IDEA Ultimate versions, an Application Server run configuration for Tomcat, Jetty, Resin, or CloudBees with the default setting...
CVE-2024-10104
The Jobs for WordPress plugin before 2.7.8 does not sanitise and escape some of its Job settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks...
CVE-2015-10104
A vulnerability, which was classified as problematic, has been found in Icons for Features Plugin 1.0.0 on WordPress. Affected by this issue is some unknown functionality of the file classes/class-icons-for-features-admin.php. The manipulation of the argument redirecturl leads to open redirect. T...
CVE-2024-10104
creationtimestamp| type| source ---|---|--- 2024-11-15 06:18:33+00:00| seen| https://infosec.exchange/users/cve/statuses/113485513562755593 2024-11-15 09:23:47+00:00| seen| https://t.me/cvedetector/11046...
CVE-2024-10104 Jobs for WordPress < 2.7.8 - Contributor+ Stored XSS
The Jobs for WordPress plugin before 2.7.8 does not sanitise and escape some of its Job settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks...
CVE-2024-10104 Jobs for WordPress < 2.7.8 - Contributor+ Stored XSS
The Jobs for WordPress plugin before 2.7.8 does not sanitise and escape some of its Job settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks...
WordPress Jobs for WordPress Plugin < 2.7.8 is vulnerable to Cross Site Scripting (XSS)
Software Jobs for WordPress Type Plugin Vulnerable versions 2.7.8 Fixed in 2.7.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10104 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 470159fcd95b Credits Krugov Artyom Required...
CVE-2020-10104
CVE-2020-10104 affects Zammad 3.0–3.2. After authentication, the app transmits sensitive data to the user, allowing potential compromise and unauthorized access. Specifically, hashed passwords are returned to the user when visiting a certain URL. Red Hat and multiple feeds corroborate the issue i...
CVE-2019-10104
creationtimestamp| type| source ---|---|--- 2019-07-04 18:00:17+00:00| seen| https://t.me/cveNotify/198 2019-07-05 17:00:32+00:00| seen| https://t.me/cveNotify/254...
Photon OS 1.0: Openjre PHSA-2017-0026
An update of the openjre package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0026. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121719;...
Oracle Java SE Multiple Vulnerabilities (July 2017 CPU)
The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is prior to 8 Update 141, 7 Update 151, or 6 Update 161. It is, therefore, affected by multiple vulnerabilities : - An unspecified flaw exists in the 2D component that allows an unauthenticated, remote...
CVE-2016-10104
Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for SSH/SFTP profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x versions up to an...
CVE-2016-10104
Information Disclosure can occur in sshProfiles.jsd in Hitek Software's Automize because of the Read attribute being set for Users. This allows an attacker to recover encrypted passwords for SSH/SFTP profiles. Verified in all 10.x versions up to and including 10.25, and all 11.x versions up to an...
CVE-2016-10104
Affected product/component: Hitek Software Automatize; issue in the sshProfiles.jsd module. Root cause: Read attribute configured for Users enables information disclosure. Impact: attacker could recover encrypted passwords for SSH/SFTP profiles. Versions affected: 10.x up to 10.25 and 11.x up to ...