96 matches found
CVE-2026-2743
Arbitrary File Write via Path Traversal upload to Remote Code Execution in SeppMail User Web Interface. The affected feature is the large file transfer LFT. This issue affects SeppMail: 15.0.2.1 and before...
CVE-2023-2743
The ERP WordPress plugin before 1.12.4 does not sanitise and escape the employeename parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2013-2743
importbuddy.php in the BackupBuddy plugin 1.3.4, 2.1.4, 2.2.25, 2.2.28, and 2.2.4 for WordPress allows remote attackers to bypass authentication via a crafted integer in the step parameter...
CVE-2005-2743
The Java extensions for QuickTime 6.52 and earlier in Apple Mac OS X 10.3.9 allow untrusted applets to call arbitrary functions in system libraries, which allows remote attackers to execute arbitrary code...
CVE-2025-2743
creationtimestamp| type| source ---|---|--- 2025-03-25 07:23:58+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8622 2025-03-25 09:27:32+00:00| seen| https://t.me/cvedetector/21056...
CVE-2025-2743
A vulnerability, which was classified as problematic, has been found in zhijiantianya ruoyi-vue-pro 2.4.1. This issue affects some unknown processing of the file /admin-api/mp/material/upload-temporary of the component Material Upload Interface. The manipulation of the argument File leads to path...
CVE-2025-2743 zhijiantianya ruoyi-vue-pro Material Upload Interface upload-temporary path traversal
A vulnerability, which was classified as problematic, has been found in zhijiantianya ruoyi-vue-pro 2.4.1. This issue affects some unknown processing of the file /admin-api/mp/material/upload-temporary of the component Material Upload Interface. The manipulation of the argument File leads to path...
CVE-2025-2743
CVE-2025-2743 affects zhijiantianya ruoyi-vue-pro 2.4.1. The vulnerability exists in the Material Upload Interface, specifically the endpoint /admin-api/mp/material/upload-temporary, where manipulation of the File argument leads to path traversal. Descriptions from multiple sources indicate remot...
CVE-2025-2743 zhijiantianya ruoyi-vue-pro Material Upload Interface upload-temporary path traversal
A vulnerability, which was classified as problematic, has been found in zhijiantianya ruoyi-vue-pro 2.4.1. This issue affects some unknown processing of the file /admin-api/mp/material/upload-temporary of the component Material Upload Interface. The manipulation of the argument File leads to path...
Amazon Linux 2 : python3 (ALAS-2025-2743)
The version of python3 installed on the remote host is prior to 3.7.16-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2743 advisory. CPython 3.9 and earlier doesn't disallow configuring an empty list for SSLContext.setnpnprotocols which is an invalid value for th...
CVE-2024-2743
creationtimestamp| type| source ---|---|--- 2024-09-12 19:48:05+00:00| seen| https://t.me/cvedetector/5502...
CVE-2024-2743 Incorrect Authorization in GitLab
An issue was discovered in GitLab-EE starting with version 13.3 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2 that would allow an attacker to modify an on-demand DAST scan without permissions and leak variables...
GitLab 13.3 < 17.1.7 / 17.2 < 17.2.5 / 17.3 < 17.3.2 (CVE-2024-2743)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue was discovered in GitLab-EE starting with version 13.3 before 17.1.7, 17.2 before 17.2.5, and 17.3 before 17.3.2 that would allow an attacker to modify an on-demand DAST scan without...
CVE-2019-2743
creationtimestamp| type| source ---|---|--- 2023-11-15 16:53:23+00:00| published-proof-of-concept| https://t.me/BABATATASASA/5992...
Rocky Linux 8 : firefox (RLSA-2021:2743)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:2743 advisory. - A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. This bug could only be triggered wh...
CVE-2023-2743
The ERP WordPress plugin before 1.12.4 does not sanitise and escape the employeename parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-2743 WP ERP < 1.12.4 - Reflected Cross-Site Scripting
The ERP WordPress plugin before 1.12.4 does not sanitise and escape the employeename parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2023-2743
CVE-2023-2743 affects the WordPress WP ERP plugin prior to version 1.12.4. The vulnerability is a Reflected Cross-Site Scripting caused by failing to sanitize/escape the employee_name parameter before echoing it on the page, potentially impacting high-privilege users (e.g., admins). Exploitation ...
K03444640: MySQL vulnerabilities CVE-2019-2740, CVE-2019-2741, CVE-2019-2743, CVE-2019-2746, and CVE-2019-2747
Security Advisory Description CVE-2019-2740 Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: XML. Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with...
CVE-2022-2743
creationtimestamp| type| source ---|---|--- 2023-01-03 11:58:14+00:00| seen| https://t.me/cibsecurity/55796...