90 matches found
WordPress EventPrime 4.2.8.1 Arbitrary File Upload
WordPress EventPrime plugin versions 4.2.8.1 and below suffer from an unauthenticated arbitrary file upload vulnerability. CVE-2026-1657: Unauthenticated Arbitrary File Upload in EventPrime Plugin Disclaimer: This repository is created for educational purposes and ethical disclosure only. The...
Exploit for CVE-2026-1657
CVE-2026-1657 CVE-2026-1657 exp...
Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Openssl
🔐 SSH Exploit Tool Educational Use Only 📌 Description Th...
CVE-2025-1657
The Directory Listings WordPress plugin – uListing plugin for WordPress is vulnerable to unauthorized modification of data and PHP Object Injection due to a missing capability check on the stm_listing_ajax AJAX action in all versions up to, and including, 2.2.0. This makes it possible for...
CVE-2025-1657
The Directory Listings WordPress plugin – uListing plugin for WordPress is vulnerable to unauthorized modification of data and PHP Object Injection due to a missing capability check on the stm_listing_ajax AJAX action in all versions up to, and including, 2.1.7. This makes it possible for...
CVE-2025-1657

creationtimestamp| type| source
---|---|---
2025-03-15 02:45:40+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/7650
2025-03-15 03:48:54+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114164402365852016
2025-03-15 04:00:45+00:00| seen| ...

CVE-2025-1657 Directory Listings WordPress plugin – uListing <= 2.1.7 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Meta Update and PHP Object Injection
The Directory Listings WordPress plugin – uListing plugin for WordPress is vulnerable to unauthorized modification of data and PHP Object Injection due to a missing capability check on the stm_listing_ajax AJAX action in all versions up to, and including, 2.1.7. This makes it possible for...
CVE-2025-1657
CVE-2025-1657 concerns the Directory Listings WordPress plugin – uListing for WordPress. The Red Hat and NVD entries, plus Wordfence details, state that all versions up to and including 2.1.7 are vulnerable due to a missing capability check on the stm_listing_ajax AJAX action. This allows authent...
Linux Distros Unpatched Vulnerability : CVE-2011-1657
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions in ext/zip/php_zip.c in PHP 5.3.6 allow context-dependent attackers to cause a denial of service...
CVE-2022-1657
Vulnerable versions of the Jupiter <= 6.10.1 and JupiterX <= 2.0.6 Themes allow logged-in users, including subscriber-level users, to perform Path Traversal and Local File Inclusion. In the JupiterX theme, the jupiterx_cp_load_pane_action AJAX action present in the...
SUSE SLES12 Security Update : python3 (SUSE-SU-2024:1657-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:1657-1 advisory. - libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large...
CVE-2024-1657 Platform: insecure websocket used when interacting with eda server
A flaw was found in the ansible automation platform. An insecure WebSocket connection was being used in installation from the Ansible rulebook EDA server. An attacker that has access to any machine in the CIDR block could download all rulebook data from the WebSocket, resulting in loss of...
CVE-2024-1657

creationtimestamp| type| source
---|---|---
2024-02-29 18:16:53+00:00| seen| https://t.me/ctinow/196889...

CVE-2024-1657
A flaw was found in the ansible automation platform. An insecure WebSocket connection was being used in installation from the Ansible rulebook EDA server. An attacker that has access to any machine in the CIDR block could download all rulebook data from the WebSocket, resulting in loss of...
CVE-2008-1657

creationtimestamp| type| source
---|---|---
2023-12-17 23:26:59+00:00| seen| https://t.me/arpsyndicate/1865...

SUSE CVE-2011-1657
The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions in ext/zip/php_zip.c in PHP 5.3.6 allow context-dependent attackers to cause a denial of service (application crash) via certain flags arguments, as demonstrated by (a) GLOB_ALTDIRFUNC and (b) GLOB_APPEND...
Amazon Linux AMI : postgresql92 (ALAS-2023-1657)
The version of postgresql92 installed on the remote host is prior to 9.2.24-3.68. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1657 advisory. When the server is configured to use trust authentication with a clientcert requirement or to use cert authentication, a...
CVE-2017-1657
The connected IBM Security Bulletin confirms CVE-2017-1657 affects IBM Resilient, where weaker than expected cryptographic algorithms could allow decrypting highly sensitive information. Affected versions are IBM Resilient 27.0–27.2 and 28.0–28.3. IBM has addressed the issue by updating to versio...
CVE-2022-1657 JupiterX Theme <= 2.0.6 and Jupiter Theme <= 6.10.1 - Authenticated Path Traversal and Local File Inclusion
Vulnerable versions of the Jupiter <= 6.10.1 and JupiterX <= 2.0.6 Themes allow logged-in users, including subscriber-level users, to perform Path Traversal and Local File Inclusion. In the JupiterX theme, the jupiterx_cp_load_pane_action AJAX action present in the...
CVE-2022-1657
CVE-2022-1657 affects WordPress Jupiter and JupiterX themes. Vulnerable are Jupiter <= 6.10.1 and JupiterX