CVE-2026-1719

creationtimestamp| type| source ---|---|--- 2026-05-06 17:10:25+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3ml76ypc4is2l 2026-05-19 13:43:17+00:00| seen| https://bsky.app/profile/keiwork35.bsky.social/post/3mm7jibafts2j...

CVE-2026-1719 Gravity Bookings <= 2.5.9 - Unauthenticated SQL Injection via 'category_id' Parameter

The Gravity Bookings Premium plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.5.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attacke...

MAL-2026-1719 Malicious code in dstny (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f626d298a9c4cfb632526a78be22b6af5d196ba9b736ecfe9eab8daa2df73e99 The package dstny was found to contain malicious code...

CVE-2025-1719

IBM Concert Software versions 1.0.0–2.1.0 are affected by CVE-2025-1719 due to improper clearing of heap memory, which could allow a remote attacker to read sensitive information from allocated memory. The issue is documented across multiple sources (NVD/Red Hat/IBM) with IBM explicitly noting a ...

MiracleLinux 4 : java-1.6.0-openjdk-1.6.0.0-1.48.1.11.3.AXS4 (AXSA:2012-662:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2012-662:03 advisory. The OpenJDK runtime environment. Security issues fixed with this release: CVE-2012-1711 Unspecified vulnerability in the Java Runtime Environment JRE...

EUVD-2026-1719

In Yonyou YonBIP v3 and before, the LoginWithV8 interface in the series data application service system is vulnerable to path traversal, allowing unauthorized access to sensitive information within the system...

CVE-2024-1719

The Easy PayPal & Stripe Buy Now Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.8.3 and in Contact Form 7 – PayPal & Stripe Add-on all versions up to, and including 2.1. This is due to missing or incorrect nonce validation on the...

Linux Distros Unpatched Vulnerability : CVE-2012-1719

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 update 4 and earlier, 6 update 32 and earlier, 5 update 35 and...

CVE-2024-1719

creationtimestamp| type| source ---|---|--- 2024-02-28 11:31:31+00:00| seen| https://t.me/ctinow/195340 2024-02-28 11:31:35+00:00| seen| https://t.me/ctinow/195344...

CVE-2024-1719

CVE-2024-1719 affects the WordPress plugins by Easy PayPal & Stripe Buy Now Button (up to 1.8.3) and Contact Form 7 – PayPal & Stripe Add-on (up to 2.1). The root cause is missing or incorrect nonce validation in the function "wpecpp_stripe_connect_completion", enabling CSRF. As described, unauth...

WordPress Contact Form 7 – PayPal & Stripe Add-on Plugin <= 2.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Contact Form 7 – PayPal & Stripe Add-on Type Plugin Vulnerable versions = 2.1 Fixed in 2.2 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1719 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 07ee68186112 Credits...

WordPress Contact Form 7 – PayPal & Stripe Add-on Plugin <= 2.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Contact Form 7 – PayPal & Stripe Add-on Type Plugin Vulnerable versions = 2.1 Fixed in 2.2 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1719 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 94c20bfda2aa Credits...

CVE-2023-1719

creationtimestamp| type| source ---|---|--- 2023-11-01 13:21:47+00:00| seen| https://t.me/cibsecurity/73309 2023-11-04 17:44:37+00:00| seen| Telegram/993IQTAEI9abMkOWl8mkHJFNRp2-d18TbGN-UxF0pN3nA 2023-11-04 22:44:13+00:00| seen| https://t.me/poxek/3380 2023-11-04 23:56:08+00:00| seen|...

CVE-2023-1719

CVE-2023-1719 affects Bitrix24 22.0.300 and is caused by overwriting uninitialised variables in bitrix/modules/main/tools.php. This enables unauthenticated attackers to enumerate server attachments, inject arbitrary JavaScript in victims’ browsers, and potentially execute arbitrary PHP code on th...

CVE-2023-1719 Bitrix24 Insecure Global Variable Extraction

Global variable extraction in bitrix/modules/main/tools.php in Bitrix24 22.0.300 allows unauthenticated remote attackers to 1 enumerate attachments on the server and 2 execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim ha...

CVE-2023-1719 Bitrix24 Insecure Global Variable Extraction

Global variable extraction in bitrix/modules/main/tools.php in Bitrix24 22.0.300 allows unauthenticated remote attackers to 1 enumerate attachments on the server and 2 execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim ha...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server, which is a required product for, IBM Tivoli Network Manager IP Edition (CVE-2018-1719)

Summary IBM WebSphere Application Server is a required product for IBM Tivoli Network Manager IP Edition version 4.2. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security...

Amazon Linux AMI : openvpn (ALAS-2023-1719)

The version of openvpn installed on the remote host is prior to 2.4.12-1.43. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1719 advisory. OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of...

CVE-2022-1719

creationtimestamp| type| source ---|---|--- 2022-09-29 07:44:57+00:00| seen| https://t.me/cibsecurity/50675...

CVE-2022-1719

Reflected XSS on ticket filter function in GitHub repository polonel/trudesk prior to 1.2.2. This vulnerability is capable of executing a malicious javascript code in web page...