10 matches found
CVE-2020-13128
An issue was discovered in Manolo GWTUpload 1.0.3. server/UploadServlet.java the servlet for handling file upload accepts a delay parameter that causes a thread to sleep. It can be abused to cause all of a server's threads to sleep, leading to denial of service...
WordPress LearnPress plugin < 4.2.7.5.1 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin LearnPress versions 4.2.7.5.1...
CVE-2024-13128 LearnPress – WordPress LMS Plugin < 4.2.7.5.1 - Admin+ Stored XSS
The LearnPress WordPress plugin before 4.2.7.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2020-13128
An issue was discovered in Manolo GWTUpload 1.0.3. server/UploadServlet.java the servlet for handling file upload accepts a delay parameter that causes a thread to sleep. It can be abused to cause all of a server's threads to sleep, leading to denial of service...
CVE-2020-13128
An issue was discovered in Manolo GWTUpload 1.0.3. server/UploadServlet.java the servlet for handling file upload accepts a delay parameter that causes a thread to sleep. It can be abused to cause all of a server's threads to sleep, leading to denial of service...
CVE-2020-13128
An issue was discovered in Manolo GWTUpload 1.0.3. server/UploadServlet.java (the servlet for handling file upload) accepts a delay parameter that causes a thread to sleep. It can be abused to cause all of a server's threads to sleep, leading to denial of service.
CVE-2020-13128
An issue was discovered in Manolo GWTUpload 1.0.3. server/UploadServlet.java the servlet for handling file upload accepts a delay parameter that causes a thread to sleep. It can be abused to cause all of a server's threads to sleep, leading to denial of service...
CVE-2019-13128
An issue was discovered on D-Link DIR-823G devices with firmware 1.02B03. There is a command injection in HNAP1 exploitable with Authentication via shell metacharacters in the IPAddress or Gateway field to SetStaticRouteSettings...
CVE-2019-13128
CVE-2019-13128 affects D-Link DIR-823G devices with firmware 1.02B03. The issue is a command injection in HNAP1 exploitable with Authentication , via shell metacharacters in the IPAddress or Gateway field to SetStaticRouteSettings . Public details report the impact as arbitrary command execution ...
CVE-2018-13128
Etherty Token ETY is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner...