17 matches found
CVE-2024-12538
creationtimestamp | type | source
---|---|---
2025-01-07 03:36:02+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/281
2025-01-07 03:58:15+00:00 | seen | https://infosec.exchange/users/cve/statuses/113785064291904237
2025-01-07 04:15:49+00:00 | seen | ...
CVE-2024-12538 Duplicate Post, Page and Any Custom Post <= 3.5.5 - Authenticated (Contributor+) Post Disclosure via Post Duplication
The Duplicate Post, Page and Any Custom Post plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.5.5 via the 'dpp_duplicate_as_draft' function. This makes it possible for authenticated attackers, with Contributor-level access and above, to...
CVE-2024-12538
CVE-2024-12538 (WordPress) affects the Duplicate Post, Page and Any Custom Post plugin. According to the provided sources, it exposes sensitive information from draft, scheduled (future), private, and password-protected posts via the dpp_duplicate_as_draft function. The issue requires authenticat...
Security Bulletin: Multiple vulnerabilities in Jasper used in Jetty 8.1.3 Server where Rational Synergy is deployed
Summary There are multiple vulnerabilities in Jasper, Version 2 Service Refresh 2 Fix Pack 2, used by Jetty 8.1.3 is affecting IBM Rational Synergy. Vulnerability Details The following are the list of vulnerabilities affecting IBM Rational Synergy: CVEID: CVE-2018-12538 DESCRIPTION: Eclipse Jetty...
Security Bulletin: Multiple Security Vulnerabilities in Jetty Affect IBM Sterling B2B Integrator
Summary There are multiple security vulnerabilities in Jetty that affect IBM Sterling B2B Integrator Vulnerability Details CVEID: CVE-2017-7658 DESCRIPTION: Eclipse Jetty is vulnerable to HTTP request smuggling, caused by a flaw when handling more than one Content-Length headers. By sending a...
CVE-2019-12538
An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3. There is XSS via the SiteLookup.do search field...
Zoho ManageEngine ServiceDesk Plus 9.3 - (SiteLookup.do) Cross-Site Scripting Vulnerability
Exploit for java platform in category web applications Exploit Title: Zoho ManageEngine ServiceDesk Plus 9.3 Cross-Site Scripting via SiteLookup.do Exploit Author: Tarantula Team - VinCSS a member of Vingroup Vendor Homepage: https://www.manageengine.com/products/service-desk Version: Zoho...
Zoho ManageEngine ServiceDesk Plus 9.3 - SiteLookup.do Cross-Site Scripting
Zoho ManageEngine ServiceDesk Plus 9.3 - SiteLookup.do Cross-Site Scripting Exploit Title: Zoho ManageEngine ServiceDesk Plus 9.3 Cross-Site Scripting via SiteLookup.do Date: 2019-06-04 Exploit Author: Tarantula Team - VinCSS a member of Vingroup Vendor Homepage:...
Zoho ManageEngine ServiceDesk Plus 9.3 - 'SiteLookup.do' Cross-Site Scripting
Exploit Title: Zoho ManageEngine ServiceDesk Plus 9.3 Cross-Site Scripting via SiteLookup.do Date: 2019-06-04 Exploit Author: Tarantula Team - VinCSS a member of Vingroup Vendor Homepage: https://www.manageengine.com/products/service-desk Version: Zoho ManageEngine ServiceDesk Plus 9.3 CVE :...
Zoho ManageEngine ServiceDesk Plus 9.3 Cross Site Scripting
Exploit Title: Zoho ManageEngine ServiceDesk Plus 9.3 Cross-Site Scripting via SiteLookup.do Date: 2019-06-04 Exploit Author: Tarantula Team - VinCSS a member of Vingroup Vendor Homepage: https://www.manageengine.com/products/service-desk Version: Zoho ManageEngine ServiceDesk Plus 9.3 CVE :...
Fedora Update for jetty FEDORA-2018-93a507fd0f
The remote host is missing an update for the...
Fedora 27 : jetty (2018-93a507fd0f)
Update to upstream version 9.4.11. Fixes CVE-2017-7656, CVE-2017-7657, CVE-2017-7658, CVE-2018-12538. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much...
CVE-2018-12538
In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's...
CVE-2018-12538
CVE-2018-12538 affects Eclipse Jetty 9.4.0–9.4.8 when using the FileSessionDataStore for HttpSession persistence. A malicious user could hijack or delete other users’ sessions via the FileSystem storage, due to a flaw in the FileSessionDataStore. Remediation noted in public advisories: upgrade Je...
CVE-2017-12538
CVE-2017-12538 describes a Remote Code Execution in Hewlett Packard Enterprise’s Intelligent Management Center (iMC) PLAT, specifically version PLAT 7.3 (E0504). The issue enables an attacker to run arbitrary code on the target through flaws in iMC PLAT, with the impact noted as high (C/H/I/A) in...
CVE-2020-12538
CVE-2020-12538 is rejected and not used per the Initial Description.