PT-2024-14922 · WordPress · Ongkos Kirim Kurir Instant

Name of the Vulnerable Software and Affected Versions: The Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo WordPress plugin versions prior to 2.2.25 Description: The issue is related to a Reflected Cross-Site Scripting problem. It occurs because the biteship error and biteship message...

aimmo (>=0.61.9 <=1.3.3b690), ambition-edc (>=0.3.68 <=0.3.72) +71 more potentially affected by CVE-2021-45452 via django (>=2.2.0 <=2.2.25)

django PYPI version =2.2.0, =0.61.9, =0.3.68, =0.14.0, =5.2.1, =0.1.0, =4.15.0, =4.15.0, =1.0.1, =1.0.0, =0.0.1, =0.0.1, =2.0.0, =2.2.0 - django-country-filter =0.0.1 and more Source cves: CVE-2021-45452 Source advisory: OSV:GHSA-JRH2-HC4R-7JWX...

aimmo (>=0.61.9 <=1.3.3b690), ambition-edc (>=0.3.68 <=0.3.72) +71 more potentially affected by CVE-2021-45115 via django (>=2.2.0 <=2.2.25)

django PYPI version =2.2.0, =0.61.9, =0.3.68, =0.14.0, =5.2.1, =0.1.0, =4.15.0, =4.15.0, =1.0.1, =1.0.0, =0.0.1, =0.0.1, =2.0.0, =2.2.0 - django-country-filter =0.0.1 and more Source cves: CVE-2021-45115 Source advisory: OSV:GHSA-53QW-Q765-4FWW...

aimmo (>=0.61.9 <=1.3.3b690), ambition-edc (>=0.3.68 <=0.3.72) +71 more potentially affected by CVE-2021-45452 via django (>=2.2.0 <=2.2.25)

django PYPI version =2.2.0, =0.61.9, =0.3.68, =0.14.0, =5.2.1, =0.1.0, =4.15.0, =4.15.0, =1.0.1, =1.0.0, =0.0.1, =0.0.1, =2.0.0, =2.2.0 - django-country-filter =0.0.1 and more Source cves: CVE-2021-45452 Source advisory: OSV:PYSEC-2022-3...

aimmo (>=0.61.9 <=1.3.3b690), ambition-edc (>=0.3.68 <=0.3.72) +71 more potentially affected by CVE-2021-45116 via django (>=2.2.0 <=2.2.25)

django PYPI version =2.2.0, =0.61.9, =0.3.68, =0.14.0, =5.2.1, =0.1.0, =4.15.0, =4.15.0, =1.0.1, =1.0.0, =0.0.1, =0.0.1, =2.0.0, =2.2.0 - django-country-filter =0.0.1 and more Source cves: CVE-2021-45116 Source advisory: OSV:PYSEC-2022-2...

Security fix for the ALT Linux 9 package python3-module-django version 2.2.25-alt1

2.2.25-alt1 built Dec. 24, 2021 Alexey Shabalin in task 292358 Dec. 17, 2021 Alexey Shabalin - new version 2.2.25 - Fixes for the following security vulnerabilities: + CVE-2021-44420: Potential bypass of an upstream access control based on URL paths...

Apache HTTP Server Log Escape Filtering Vulnerability (Jul 2013) - Linux

Apache HTTP Server is prone to a log escape filtering vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

httpd: mod_dav DoS (httpd child process crash) via a URI MERGE request with source URI not handled by mod_dav

moddav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is configured for handling by the moddavsvn module, but a certain href...

[ MDVSA-2013:193 ] apache

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2013:193 http://www.mandriva.com/en/support/security/ Package : apache Date : July 11, 2013 Affected: Business Server 1.0, Enterprise Server 5.0 Problem Description: A vulnerability has been found and corrected i...

Mandriva Linux Security Advisory : apache (MDVSA-2013:193)

A vulnerability has been found and corrected in apache ASF HTTPD : moddav.c in the Apache HTTP Server before 2.2.25 does not properly determine whether DAV is enabled for a URI, which allows remote attackers to cause a denial of service segmentation fault via a MERGE request in which the URI is...

PT-2013-3440 · Apache +5 · Apache Http Server +5

Name of the Vulnerable Software and Affected Versions: Apache HTTP Server versions 2.2.x through 2.2.24 Description: The issue allows remote attackers to potentially execute arbitrary commands via an HTTP request containing an escape sequence for a terminal emulator. This is due to the mod rewrit...

Design/Logic Flaw

importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4 for WordPress does not require that authentication be enabled, which allows remote attackers to obtain sensitive information, or overwrite or delete files, via vectors involving a 1 direct request, 2 step=1 request,...