139 matches found
Amazon Linux 2023 : java-1.8.0-amazon-corretto, java-1.8.0-amazon-corretto-devel (ALAS2023-2026-1687)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1687 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Ja...
CVE-2026-1687 Tenda HG10 Boa Webserver formSamba command injection
A weakness has been identified in Tenda HG10 USHG7HG9HG10re300001138enxpon. Impacted is an unknown function of the file /boaform/formSamba of the component Boa Webserver. Executing a manipulation of the argument serverString can lead to command injection. It is possible to launch the attack...
MiracleLinux 4 : sudo-1.8.6p3-28.AXS4 (AXSA:2017-1687:02)
The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2017-1687:02 advisory. Sudo (superuser do) allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all...
MiracleLinux 4 : firefox-17.0.7-1.0.1.AXS4, xulrunner-17.0.7-1.0.1.AXS4 (AXSA:2013-543:06)
The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-543:06 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...
MiracleLinux 3 : firefox-17.0.7-1.0.1.AXS3, xulrunner-17.0.7-1.0.1.AXS3 (AXSA:2013-552:05)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-552:05 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. Security issues fixed with this releas...
CVE-2024-1687
The Thank You Page Customizer for WooCommerce – Increase Your Sales plugin for WordPress is vulnerable to unauthorized execution of shortcodes due to a missing capability check on the get_text_editor_content function in all versions up to, and including, 1.1.2. This makes it possible for authenticat...
CVE-2022-1687
The Logo Slider WordPress plugin through 1.4.8 does not sanitise and escape the lspsliderid parameter before using it in a SQL statement via the Manage Slider Images admin page, leading to an SQL Injection...
Linux Distros Unpatched Vulnerability : CVE-2008-1687
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The (1) maketemp and (2) mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent...
CVE-2025-1687
The Cardealer theme for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.4. This is due to missing nonce validation on the 'updateuserprofile' function. This makes it possible for unauthenticated attackers to update the user email and password via a forg...
Rocky Linux 8 : nodejs:20 (RLSA-2024:1687)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:1687 advisory. - The Node.js Permission Model does not clarify in the documentation that wildcards should be only used as the last character of a file path. For exampl...
Oracle Linux 8 : nodejs:20 (ELSA-2024-1687)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1687 advisory. - Fixes: CVE-2024-21892 CVE-2024-21896 CVE-2024-22017 CVE-2024-22019 high Tenable has extracted the preceding description block directly from the Oracl...
CVE-2024-1687
creationtimestamp | type | source
---|---|---
2024-02-27 07:26:47+00:00 | seen | https://t.me/ctinow/194049
2024-02-27 07:31:52+00:00 | seen | https://t.me/ctinow/194053
2024-03-14 10:51:59+00:00 | seen | https://t.me/ctinow/207619

...
CVE-2024-1687
CVE-2024-1687 (Thank You Page Customizer for WooCommerce – Increase Your Sales) is a WordPress plugin vulnerability reported by RH: The issue is unauthorized execution of shortcodes due to a missing capability check on get_text_editor_content() in all versions up to 1.1.2. Root cause: lack of pro...
SUSE: Security Advisory (SUSE-SU-2023:1687-1)
The remote host is missing an update for the ...
CVE-2023-1687
A vulnerability classified as problematic has been found in SourceCodester Simple Task Allocation System 1.0. Affected is an unknown function of the file LoginRegistration.php?a=registeruser. The manipulation of the argument Fullname leads to cross site scripting. It is possible to launch the...
CVE-2023-1687 SourceCodester Simple Task Allocation System cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Simple Task Allocation System 1.0. Affected is an unknown function of the file LoginRegistration.php?a=registeruser. The manipulation of the argument Fullname leads to cross site scripting. It is possible to launch the...
Debian: Security Advisory (DSA-1950-1)
The remote host is missing an update for the Debian ...
Debian: Security Advisory (DSA-2220-1)
The remote host is missing an update for the Debian ...
Debian: Security Advisory (DSA-1988-1)
The remote host is missing an update for the Debian ...