CVE-2019-11380

The master-password feature in the ES File Explorer File Manager application 4.2.0.1.3 for Android can be bypassed via a com.estrongs.android.pop.ftp.ESFtpShortcut intent, leading to remote FTP access to the entirety of local storage...

WordPress Everest Backup plugin <= 2.3.5 - Missing Authorization to Unauthenticated Information Exposure vulnerability

Missing Authorization to Unauthenticated Information Exposure vulnerability discovered by netranger in WordPress Plugin Everest Backup versions = 2.3.5...

CVE-2024-11380

creationtimestamp| type| source ---|---|--- 2024-12-07 11:16:20+00:00| seen| https://infosec.exchange/users/cve/statuses/113611255337618855 2024-12-07 14:12:35+00:00| seen| https://t.me/cvedetector/12324...

CVE-2024-11380 Mini Program API <= 1.4.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Mini Program API plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'qvideo' shortcode in all versions up to, and including, 1.4.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-11380

CVE-2024-11380 : The Mini Program API plugin for WordPress (versions ≤ 1.4.5) is affected by a stored XSS in the qvideo shortcode due to insufficient input sanitization/output escaping of user attributes. This allows authenticated attackers with contributor-level access or higher to inject script...

CVE-2020-11380

...

CVE-2020-11380

CVE-2020-11380 entry is rejected/not used per the initial description.

CVE-2019-11380

creationtimestamp| type| source ---|---|--- 2019-09-16 06:09:11+00:00| published-proof-of-concept| https://t.me/androidMalware/376 2019-09-16 08:08:03+00:00| published-proof-of-concept| https://t.me/thebugbountyhunter/3107 2019-09-16 23:00:00+00:00| published-proof-of-concept|...

CVE-2019-11380

The CVE-2019-11380 issue affects the Android app ES File Explorer File Manager (version 4.2.0.1.3). The master-password protection can be bypassed via the com.estrongs.android.pop.ftp.ESFtpShortcut intent, which leads to remote FTP access to the user’s entire local storage. This vulnerability is ...

UBUNTU-CVE-2018-11380

The parseimportptr function in radare2 2.5.0 allows remote attackers to cause a denial of service heap-based out-of-bounds read and application crash via a crafted Mach-O file...

CVE-2017-11380

The connected CORE advisory for Trend Micro Deep Discovery Director 1.1 details CVE-2017-11380 (backup archives encrypted with a static, hard-coded password) and CVE-2017-11381 (command injection during backup-restore accounts handling), enabling potential code execution with root privileges via ...

Trend Micro Deep Discovery Director Multiple Vulnerabilities

1. Advisory Information Title: Trend Micro Deep Discovery Director Multiple Vulnerabilities Advisory ID: CORE-2017-0005 Advisory URL:https://www.coresecurity.com/core-labs/advisories/trend-micro-deep-discovery-director-multiple-vulnerabilities Date published: 2017-07-12 Date of last update:...

videohelp.com XSS vulnerability

Vulnerable URL: http://www.videohelp.com/dvdplayers?DVDname=%22%3E%3Csvg/onload=prompt%28/XSSPOSED/%29%3E Details: Description| Value ---|--- Patched:| Yes, at 03.02.2016 Latest check for patch:| 03.02.2016 11:36 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank|...