13 matches found
WordPress Blocksy Companion Pro plugin <= 2.1.37 - Remote Code Execution (RCE) vulnerability
Remote Code Execution (RCE) vulnerability discovered by Nguyen Ba Khanh in WordPress Plugin Blocksy Companion Pro versions <= 2.1.37...
IlchCMS 2.1.37 Cross Site Scripting
A cross site scripting vulnerability exists in IlchCMS version 2.1.37. The vulnerability allows remote attackers to inject arbitrary web script or HTML. This issue is older research added to the archive...
CVE-2023-38257
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to an insecure direct object reference vulnerability that could allow an unauthenticated user to view profile information, including user login names and encrypted passwords...
Design/Logic Flaw
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to an insecure direct object reference vulnerability that could allow an unauthenticated user to view profile information, including user login names and encrypted passwords...
Remote code execution
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a remote code execution vulnerability that could allow an unauthenticated user to upload a malicious payload and execute it...
Design/Logic Flaw
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a cryptographic vulnerability that could allow an unauthenticated user to decrypt encrypted passwords into plaintext...
Iagona ScrutisWeb code issue vulnerability
Iagona ScrutisWeb is a security solution from the French company Iagona. A code issue vulnerability exists in Iagona ScrutisWeb version 2.1.37 and prior versions. An attacker could exploit this vulnerability to upload and execute arbitrary files...
Iagona ScrutisWeb trust management issue vulnerability
Iagona ScrutisWeb is a security solution from the French company Iagona. A security vulnerability exists in Iagona ScrutisWeb version 2.1.37 and earlier versions. An attacker exploited the vulnerability to decrypt encrypted passwords into plaintext...
PT-2023-4580 · Iagona · Iagona Scrutisweb
Name of the Vulnerable Software and Affected Versions: Iagona ScrutisWeb versions 2.1.37 and prior Description: The issue exists due to incorrect restriction of the path name to a directory with limited access. Exploitation of this issue may allow a remote attacker to gain direct access to any...
Security fix for the ALT Linux 9 package mailman version 5:2.1.37-alt1
5:2.1.37-alt1 built Nov. 19, 2021 Dmitry V. Levin in task 289143 Nov. 13, 2021 Dmitry V. Levin - 2.1.36 - 2.1.37 fixes bug in the fix for CVE-2021-43332...
mailman -- 2.1.37 fixes XSS via user options, and moderator offline brute-force vuln against list admin password
Mark Sapiro reports: A potential XSS attack via the user options page has been reported by Harsh Jaiswal. This is fixed. CVE-2021-43331 LP: 1949401. A potential for a list moderator to carry out an off-line brute force attack to obtain the list admin password has been reported by Andre Protas...
IlchCMS 2.1.37 Cross Site Scripting
Information -------------------- Advisory by Netsparker Name: Cross-Site Scripting in IlchCMS Affected Software: IlchCMS Affected Versions: 2.1.37 Vendor Homepage: https://www.ilch.de/ Vulnerability Type: Cross-Site Scripting Severity: Important Status: Fixed CVSS Score 3.0: 7.4 High Netsparker...
Studio 42 elFinder on Windows Arbitrary File Deletion Vulnerability
Studio 42 elFinder on Windows is a Windows-based open source web file manager written in JavaScript and using jQuery and jQuery UI. A security vulnerability exists in the 'zipdl' function of the elFinder.class.php file in versions of Studio 42 elFinder prior to 2.1.37 for Windows-based...