103 matches found
CVE-2024-2702
Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import allows importing settings and data, ultimately leading to XSS.This issue affects Olive One Click Demo Import: from n/a through 1.1.1...
Linux Distros Unpatched Vulnerability : CVE-2020-2702
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.36, prior to...
CVE-2013-2702
Cross-site request forgery CSRF vulnerability in the Easy AdSense Lite plugin before 6.10 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that modify this plugin's settings...
CVE-2025-2702
A vulnerability, which was classified as critical, has been found in Softwin WMX3 3.1. This issue affects the function ImageAdd of the file /ImageAdd.ashx. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to t...
CVE-2025-2702 Softwin WMX3 ImageAdd.ashx ImageAdd unrestricted upload
A vulnerability, which was classified as critical, has been found in Softwin WMX3 3.1. This issue affects the function ImageAdd of the file /ImageAdd.ashx. The manipulation of the argument File leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to t...
CVE-2025-2702
CVE-2025-2702 affects Softwin WMX3 3.1 ; the ImageAdd.ashx endpoint’s function ImageAdd allows unrestricted upload by manipulating the File argument. This enables remote arbitrary file upload. Exploit has been disclosed publicly. Vendor did not respond to disclosure. No remediation details provid...
CVE-2020-2702
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracl...
CVE-2023-2702
creationtimestamp| type| source ---|---|--- 2025-01-17 17:57:10+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2177...
RHEL 5 : kdelibs (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - kdelibs: kssl incorrect verification of SSL certificate with NUL in subjectAltName CVE-2009-2702 - kf5-ki...
CVE-2024-2702
Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import allows importing settings and data, ultimately leading to XSS.This issue affects Olive One Click Demo Import: from n/a through 1.1.1...
CVE-2024-2702 WordPress Olive One Click Demo Import plugin <= 1.1.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import allows importing settings and data, ultimately leading to XSS.This issue affects Olive One Click Demo Import: from n/a through 1.1.1...
CVE-2024-2702
CVE-2024-2702 covers Olive One Click Demo Import (Olive Themes) with Missing Authorization that enables importing settings/data and leads to XSS on versions up to 1.1.1. Public sources confirm a patch in 1.1.2. Remediation: upgrade to Olive One Click Demo Import 1.1.2 or apply vendor-provided fix...
WordPress Olive One Click Demo Import Plugin <= 1.1.1 is vulnerable to Broken Access Control
Software Olive One Click Demo Import Type Plugin Vulnerable versions = 1.1.1 Fixed in 1.1.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-2702 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID 277d1e4e3b86 Credits Yudistira Arya...
Malicious code in wlwz-2312-2702 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b3c2a7b12e967fa74c83c27f83c69393534331cfba0b44f08d39347afd7fa1e7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-415 Malicious code in wlwz-2312-2702 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b3c2a7b12e967fa74c83c27f83c69393534331cfba0b44f08d39347afd7fa1e7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2023-2702)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-2702
Authorization Bypass Through User-Controlled Key vulnerability in Finex Media Competition Management System allows Authentication Abuse, Authentication Bypass. This issue affects Competition Management System: before 23.07...
CVE-2023-2702
CVE-2023-2702 concerns the Finex Media Competition Management System, where an authorization bypass via a user-controlled key leads to authentication abuse. Affected versions are prior to 23.07. The CVSS 3.1 base score is 8.8 (High) with NETWORK attack vector, LOW access complexity, and impacts t...
CVE-2023-2702 IDOR in Finex Media's Competition Management System
Authorization Bypass Through User-Controlled Key vulnerability in Finex Media Competition Management System allows Authentication Abuse, Authentication Bypass. This issue affects Competition Management System: before 23.07...
CVE-2023-2702 IDOR in Finex Media's Competition Management System
Authorization Bypass Through User-Controlled Key vulnerability in Finex Media Competition Management System allows Authentication Abuse, Authentication Bypass. This issue affects Competition Management System: before 23.07...