22 matches found
CVE-2026-12979
The FunnelKit WordPress plugin before 3.15.0.6 does not validate a user-supplied path before deleting a file during a template-import operation, allowing users with administrator privileges to delete arbitrary .json files outside the intended directory through path traversal, which can disable...
CVE-2025-12979
creationtimestamp| type| source ---|---|--- 2025-11-13 04:25:39+00:00| seen| https://bsky.app/profile/jos1264.social.skynetcloud.site.ap.brid.gy/post/3m5id4vog7ia2 2025-11-13 06:53:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3m5ilfrp3vb2u...
CVE-2024-12979
A vulnerability was found in code-projects Job Recruitment 1.0 and classified as problematic. This issue affects the function cnupdate of the file /parse/alledits.php. The manipulation of the argument cname leads to cross site scripting. The attack may be initiated remotely. The exploit has been...
CVE-2024-12979
creationtimestamp| type| source ---|---|--- 2024-12-27 04:32:58+00:00| seen| https://infosec.exchange/users/cve/statuses/113722915450338331 2024-12-27 04:37:28+00:00| seen| https://infosec.exchange/users/cve/statuses/113722933120796706 2024-12-27 05:15:35+00:00| seen|...
CVE-2024-12979 code-projects Job Recruitment _all_edits.php cn_update cross site scripting
A vulnerability was found in code-projects Job Recruitment 1.0 and classified as problematic. This issue affects the function cnupdate of the file /parse/alledits.php. The manipulation of the argument cname leads to cross site scripting. The attack may be initiated remotely. The exploit has been...
Important: ImageMagick
Issue Overview: Integer overflow in MagickCore/profile.c in ImageMagick before 7.0.2-1 allows remote attackers to cause a denial of service segmentation fault or possibly execute arbitrary code via vectors involving the offset variable. CVE-2016-5841 ImageMagick 7.0.7-12 Q16, a CPU exhaustion...
CVE-2020-12979
...
Huawei EulerOS: Security Advisory for ImageMagick (EulerOS-SA-2020-1806)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-12979
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c...
ImageMagick < 7.0.8-35 Multiple vulnerabilities
The version of ImageMagick installed on the remote Windows host is prior to 7.0.8-35. It is, therefore, affected by multiple vulnerabilities: - A 'use of uninitialized value' vulnerability in the WriteJP2Image function in coders/jp2.c. CVE-2019-12977 - A 'use of uninitialized value' vulnerability...
CVE-2019-12979
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c...
CVE-2019-12979
CVE-2019-12979 : ImageMagick 7.0.8-34 contains a vulnerability in SyncImageSettings (MagickCore/image.c) caused by a use of an uninitialized value in AcquireImage. This can affect ImageMagick installations that process crafted images and is rated with partial impacts to confidentiality, integrity...
CVE-2019-12979
ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c...
CVE-2018-12979
creationtimestamp| type| source ---|---|--- 2018-07-13 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/45014...
WAGO e!DISPLAY 7300T - Multiple Vulnerabilities
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Remote code execution via multiple attack vectors product: WAGO e!DISPLAY 7300T - WP 4.3 480x272 PIO1 vulnerable version: FW 01 - 01.01.1001 fixed version: FW 02 CVE...
CVE-2018-12979
An issue was discovered on WAGO e!DISPLAY 762-3000 through 762-3003 devices with firmware before FW 02. Weak permissions allow an authenticated user to overwrite critical files by abusing the unrestricted file upload in the WBM...
CVE-2018-12979
Affected product/versions: WAGO e!DISPLAY 762-3000 to 762-3003 with firmware before 02. Vulnerability: CVE-2018-12979, Incorrect default/critical resource permissions, enabling an authenticated user to overwrite files via the WBM upload path. Impact (per sources): potential unauthorized modificat...
WAGO e!DISPLAY 7300T XSS / File Upload / Code Execution Vulnerabilities
WAGO e!DISPLAY 7300T WP 4.3 480x272 PIO1 version FW 01 - 01.01.1001 suffer from code execution, cross site scripting, weak permission, and remote file upload vulnerabilities. ======================================================================= title: Remote code execution via multiple attack...
WAGO e!DISPLAY 7300T XSS / File Upload / Code Execution
SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Remote code execution via multiple attack vectors product: WAGO e!DISPLAY 7300T - WP 4.3 480x272 PIO1 vulnerable version: FW 01 - 01.01.1001 fixed version: FW 02 CVE...
CVE-2017-12979
DokuWiki through 2017-02-19c has stored XSS when rendering a malicious language name in a code element, in /inc/parser/xhtml.php. An attacker can create or edit a wiki with this element to trigger JavaScript execution...