CVE-2019-11590

The 10Web Form Maker plugin before 1.13.5 for WordPress allows CSRF via the wp-admin/admin-ajax.php action parameter, with resultant local file inclusion via directory traversal, because there can be a discrepancy between the $POST'action' value and the $GET'action' value, and the latter is...

CVE-2020-11590

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an HTTP GET request to HealthPage.aspx and obtain the internal server name...

CVE-2018-11590

Espruino before 1.99 allows attackers to cause a denial of service application crash with a user crafted input file via an integer overflow during syntax parsing. This was addressed by fixing stack size detection on Linux in jsutils.c...

Linux Distros Unpatched Vulnerability : CVE-2017-11590

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There is a NULL pointer dereference in the caselesshash function in gxps-archive.c in libgxps 0.2.5. A crafted input will lead to a remote denial of service...

CVE-2024-11590

A vulnerability, which was classified as critical, has been found in 1000 Projects Bookstore Management System 1.0. Affected by this issue is some unknown functionality of the file /forgetpasswordprocess.php. The manipulation of the argument unm leads to sql injection. The attack may be launched...

CVE-2024-11590 1000 Projects Bookstore Management System forget_password_process.php sql injection

A vulnerability, which was classified as critical, has been found in 1000 Projects Bookstore Management System 1.0. Affected by this issue is some unknown functionality of the file /forgetpasswordprocess.php. The manipulation of the argument unm leads to sql injection. The attack may be launched...

CVE-2024-11590 1000 Projects Bookstore Management System forget_password_process.php sql injection

A vulnerability, which was classified as critical, has been found in 1000 Projects Bookstore Management System 1.0. Affected by this issue is some unknown functionality of the file /forgetpasswordprocess.php. The manipulation of the argument unm leads to sql injection. The attack may be launched...

CVE-2024-11590

CVE-2024-11590 affects the 1000 Projects Bookstore Management System 1.0. A vulnerability exists in the forget_password_process.php functionality where manipulating the unm parameter leads to SQL injection. The issue can be exploited remotely, and exploits have been publicly disclosed. Connected ...

RHEL 7 : libgxps (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - libgxps: NULL pointer dereference in the caselesshash function CVE-2017-11590 Note that Nessus has not tested for...

Mageia: Security Advisory (MGASA-2017-0318)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-11590

An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an HTTP GET request to HealthPage.aspx and obtain the internal server name...

CVE-2020-11590

CVE-2020-11590 affects CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can issue an HTTP GET to HealthPage.aspx and obtain the internal server name, exposing server identity. The core issue is a information disclosure via HealthPage.aspx; CVSS vectors from the NVD indicate med...

Huawei EulerOS: Security Advisory for libgxps (EulerOS-SA-2019-2606)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libgxps (EulerOS-SA-2019-2416)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-11590

The 10Web Form Maker plugin for WordPress is affected by CVE-2019-11590 (versions

CVE-2018-11590

CVE-2018-11590 affects Espruino prior to 1.99. An attacker can cause a denial-of-service (application crash) via a crafted input file that triggers an integer overflow during syntax parsing. The issue was addressed by fixing stack size detection on Linux in jsutils.c. Connected documents corrobor...

MGASA-2017-0318 Updated libgxps packages fix security vulnerability

There is a NULL pointer dereference in the caselesshash function in gxps-archive.c in libgxps 0.2.5. A crafted input will lead to a denial of service attack CVE-2017-11590...

Fedora Update for libgxps FEDORA-2017-0ca78fabc5

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 26 : libgxps (2017-0ca78fabc5)

Update to 0.3.0 upstream release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 703...

CVE-2017-11590

There is a NULL pointer dereference in the caselesshash function in gxps-archive.c in libgxps 0.2.5. A crafted input will lead to a remote denial of service attack...