Lucene search

23 matches found

Patchstack
added 2025/03/08 3:26 a.m. · 3 views

WordPress FooGallery plugin <= 2.4.29 - Insecure Direct Object Reference to Authenticated (Custom+) Arbitrary Post/Page Updates vulnerability

Insecure Direct Object Reference to Authenticated Custom+ Arbitrary Post/Page Updates vulnerability discovered by Stiofan in WordPress Plugin FooGallery versions <= 2.4.29...

4.3 CVSS · 7 AI score · 0.00161 EPSS
Exploits 0 · References 1 · Affected Software 1
Patchstack
added 2025/03/08 3:25 a.m. · 3 views

WordPress FooGallery plugin <= 2.4.29 - Authenticated (Custom+) Stored Cross-Site Scripting via Album Title Size vulnerability

Authenticated Custom+ Stored Cross-Site Scripting via Album Title Size vulnerability discovered by Stiofan in WordPress Plugin FooGallery versions <= 2.4.29...

6.4 CVSS · 5.8 AI score · 0.00204 EPSS
Exploits 0 · References 1 · Affected Software 1
CNNVD
added 2025/03/08 12:00 a.m. · 2 views

WordPress plugin FooGallery cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site...

6.4 CVSS · 8 AI score · 0.00204 EPSS
Exploits 0 · References 5
CNNVD
added 2025/03/08 12:00 a.m. · 2 views

WordPress plugin FooGallery security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

4.3 CVSS · 8.7 AI score · 0.00161 EPSS
Exploits 0 · References 5
OSV
added 2024/09/20 1:53 p.m. · 32 views

RHSA-2019:2946 Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 SP3 security update

Bulletin has no description...

7.5 CVSS · 7.2 AI score · 0.13725 EPSS
Exploits 0 · References 26
CNNVD
added 2024/07/27 12:00 a.m. · 2 views

WordPress plugin Piotnet Addons For Elementor security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

5.3 CVSS · 6.4 AI score · 0.00461 EPSS
Exploits 0 · References 4
Positive Technologies
added 2023/12/29 12:00 a.m. · 3 views

PT-2023-31805 · Unknown · Brizy – Page Builder

Name of the Vulnerable Software and Affected Versions: Brizy – Page Builder versions 2.4.29 and earlier. Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can...

6.5 CVSS · 6.8 AI score · 0.00163 EPSS
Exploits 0 · References 8
Patchstack
added 2023/12/26 12:00 a.m. · 8 views

WordPress Brizy Plugin <= 2.4.29 is vulnerable to Cross Site Scripting (XSS)

Software: Brizy; Type: Plugin; Vulnerable versions: <= 2.4.29; Fixed in: 2.4.30; OWASP Top 10: A3: Injection; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-51396; Patch priority: Low; CVSS severity: Low (6.5); PSID: a61ae26c3500; Credits: emad; Required privilege: Contributor; Published ...

6.5 CVSS · 6.6 AI score · 0.00163 EPSS
Exploits 0 · References 2 · Affected Software 1
0day.today
added 2023/03/31 12:00 a.m. · 149 views

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Directory Traversal File Write Vulnerability

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Directory Traversal File Write Exploit Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15...

7.4 AI score
Exploits 0
Exploit DB
added 2021/07/09 12:00 a.m. · 396 views

Church Management System 1.0 - SQL Injection (Authentication Bypass) + Arbitrary File Upload + RCE

Exploit Title: Church Management System 1.0 - SQL Injection Authentication Bypass + Arbitrary File Upload + RCE Date: 05-07-2021 Exploit Author: Eleonora Guardini eleguardini93 at gmail dot com or eleonora.guardini at dedagroup dot com Vendor Homepage: https://www.sourcecodester.com Software Link...

7.4 AI score
Exploits 0
Packet Storm
added 2021/07/09 12:00 a.m. · 376 views

Church Management System 1.0 Shell Upload / SQL Injection

Exploit Title: Church Management System 1.0 - SQL Injection Authentication Bypass + Arbitrary File Upload + RCE Date: 05-07-2021 Exploit Author: Eleonora Guardini eleguardini93 at gmail dot com or eleonora.guardini at dedagroup dot com Vendor Homepage: https://www.sourcecodester.com Software Link...

0.4 AI score
Exploits 0
Symantec
added 2019/12/03 12:00 a.m. · 20 views

Linux Kernel Multiple Local Denial of Service Vulnerabilities

Description: Linux Kernel is prone to multiple local denial-of-service vulnerabilities. Local attackers can exploit these issues to cause denial-of-service conditions. Linux Kernel versions prior to 5.3.9 are vulnerable. Technologies Affected: Linux kernel 2.0.0, Linux kernel 2.0.1, Linux kernel 2.0....

1.2 AI score
Exploits 0 · References 4 · Affected Software 1
CNVD
added 2018/03/27 12:00 a.m. · 1 views

Apache httpd mod_auth_digest module remote security bypass vulnerability

Apache httpd is an open source HTTP server developed and maintained for modern operating systems by the Apache Software Foundation (United States). The mod_auth_digest module is one of the HTTP cache filter modules. A security vulnerability exists in the mod_auth_digest module in Apache httpd versions...

9.8 CVSS · 6.9 AI score · 0.0728 EPSS
Exploits 0 · References 1
CNVD
added 2018/03/27 12:00 a.m. · 1 views

Apache HTTPD Remote Security Bypass Vulnerability

Apache httpd is an open source HTTP server developed and maintained specifically for modern operating systems by the Apache Software Foundation (U.S.). A security vulnerability exists in Apache httpd versions 2.4.0 through 2.4.29. An attacker can exploit this vulnerability by sending a special...

8.1 CVSS · 9.2 AI score · 0.93618 EPSS
Exploits 0 · References 1
Debian CVE
added 2018/03/26 3:00 p.m. · 78 views

CVE-2017-15715

In Apache httpd 2.4.0 to 2.4.29, the expression specified in could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. This could be exploited in environments where uploads of some files are externally blocked, but only by matching the...

8.1 CVSS · 6.3 AI score · 0.93618 EPSS
Exploits 0
RedhatCVE
added 2018/03/26 2:48 p.m. · 56 views

CVE-2017-15710

In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to look up the right charset encoding when verifying the user's credentials. If the header value is not present in the charset...

7.5 CVSS · 1.5 AI score · 0.13193 EPSS
Exploits 0 · References 2
OSV
added 2018/03/26 12:00 a.m. · 0 views

UBUNTU-CVE-2018-1283

In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header. This comes from the "HTTP_SESSION" variable name used by mod_session to forward its...

5.3 CVSS · 6.8 AI score · 0.03761 EPSS
Exploits 0 · References 6
OSV
added 2018/03/26 12:00 a.m. · 0 views

UBUNTU-CVE-2018-1312

In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent replay attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed...

9.8 CVSS · 6.7 AI score · 0.0728 EPSS
Exploits 0 · References 7
seebug.org
added 2014/07/01 12:00 a.m. · 26 views

Linux Kernel <= 2.4.29-rc2 uselib() Privilege Elevation

No description provided by source. / binfmtelf uselib VMA insert race vulnerability v1.08 gcc -O2 -fomit-frame-pointer elflbl.c -o elflbl Copyright c 2004 iSEC Security Research. All Rights Reserved. THIS PROGRAM IS FOR EDUCATIONAL PURPOSES ONLY IT IS PROVIDED AS IS AND WITHOUT ANY WARRANTY...

7.1 AI score
Exploits 0
0day.today
added 2005/03/14 12:00 a.m. · 13 views

PaX Double-Mirrored VMA munmap Local Root Exploit

Exploit for linux platform in category local exploits. PaX double-mirrored VMA munmap local root exploit. Copyright (C) 2005 Christophe Devine This...

6.8 AI score
Exploits 0