24 matches found
CVE-2024-56237
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Contest Gallery Contest Gallery allows Stored XSS. This issue affects Contest Gallery: from n/a through 24.0.3...
CVE-2024-56237
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Stored XSS. This issue affects Contest Gallery: from n/a through <= 24.0.3...
CVE-2024-56237
CVE-2024-56237 pertains to the Contest Gallery WordPress plugin and is a Stored XSS in the Contest Gallery feature (Authenticated, Author+). Public description indicates an Improper Neutralization of Input During Web Page Generation vulnerability impacting Contest Gallery versions up to 24.0.3. T...
CVE-2024-56237 WordPress Contest Gallery plugin <= 24.0.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Contest Gallery Contest Gallery allows Stored XSS. This issue affects Contest Gallery: from n/a through 24.0.3...
WordPress plugin Contest Gallery cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...
PT-2024-16462
Name of the Vulnerable Software and Affected Versions: Contest-Gallery plugin for WordPress versions prior to 24.0.1. Contest-Gallery plugin for WordPress version 24.0.1 is not affected according to some sources, but others indicate versions up to and including 24.0.3 are vulnerable. Therefore,...
WordPress plugin Contest Gallery SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection vulnerabili...
WordPress Contest Gallery plugin <= 24.0.3 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by shaman0x01 in WordPress Plugin Contest Gallery versions <= 24.0.3...
WordPress Contest Gallery Plugin <= 24.0.3 is vulnerable to SQL Injection
Software: Contest Gallery; Type: Plugin; Vulnerable versions: <= 24.0.3; Fixed in: 24.0.4; OWASP Top 10: A1: Injection; Classification: SQL Injection; CVE: CVE-2024-10687; Patch priority: High; CVSS severity: High 9.3; Developer: Wasiliy Strecker; PSID: 3e91b10a855a; Credits: shaman0x01; Required privilege: Unauthenticate...
Red Hat Keycloak security vulnerability
Red Hat Keycloak is a suite of software from Red Hat USA that provides authentication and management capabilities for modern applications and services. A security vulnerability exists in Red Hat Keycloak version 24.0.3 and prior versions. An attacker could use this vulnerability to brute-force...
Vulnerabilities fixed in Adobe Animate
Adobe has fixed vulnerabilities in Animate. A malicious party could exploit the vulnerabilities to execute arbitrary code with the victim's privileges, potentially gaining access to sensitive data. Adobe has released updates to fix the vulnerabilities in Animate 23.0.6 and 24.0.3. For more...
CVE-2024-20739
Audition versions 24.0.3, 23.6.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2023-48634
Adobe After Effects versions 24.0.3 and earlier and 23.6.0 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a...
Cross site scripting
Adobe After Effects versions 24.0.3 and earlier and 23.6.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...
Design/Logic Flaw
Adobe After Effects versions 24.0.3 and earlier and 23.6.0 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user...
CVE-2023-48632 ZDI-CAN-22172: Adobe After Effects AEP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
Adobe After Effects versions 24.0.3 and earlier and 23.6.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious...
PT-2023-8574 · Adobe · After Effects
Name of the Vulnerable Software and Affected Versions: Adobe After Effects versions 24.0.3 and earlier and 23.6.0 and earlier Description: The issue is related to improper input validation, which could result in arbitrary code execution in the context of the current user. Exploitation of this iss...
Adobe Premiere Pro Security Update (APSB23-65) - Windows
Adobe Premiere Pro is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:premierepro";...
Vulnerabilities fixed in Adobe Audition
Adobe has fixed vulnerabilities in Audition. A malicious person could exploit the vulnerabilities to gain access to system data, or to execute arbitrary code with privileges of the victim. Successful exploitation requires the malicious party to trick the victim into opening a rogue file. Adobe ha...
SUSE CVE-2022-39346
Nextcloud server is an open source personal cloud server. Affected versions of Nextcloud server did not properly limit user display names, which could allow malicious users to overload the backing database and cause a denial of service. It is recommended that the Nextcloud Server is upgraded to...