13 matches found
CVE-2024-29433
A deserialization vulnerability in the FASTJSON component of Alldata v0.4.6 allows attackers to execute arbitrary commands via supplying crafted data...
CVE-2023-29433
Missing Authorization vulnerability in 腾讯云 tencentcloud-cos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects tencentcloud-cos: from n/a through 1.0.7...
CVE-2023-29433
CVE-2023-29433 affects the WordPress tencentcloud-cos plugin (versions
CVE-2023-29433 WordPress tencentcloud-cos plugin <= 1.0.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in carsonxu tencentcloud-cos tencentcloud-cos allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects tencentcloud-cos: from n/a through = 1.0.7...
CVE-2024-29433
CVE-2024-29433 affects Alldata v0.4.6 via a deserialization vulnerability in the FASTJSON component, allowing attackers to execute arbitrary commands by supplying crafted data. Documents confirm the vulnerable software/version and the underlying cause; no details on exploitation methods beyond th...
WordPress tencentcloud-cos Plugin <= 1.0.7 is vulnerable to Broken Access Control
Software tencentcloud-cos Type Plugin Vulnerable versions = 1.0.7 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-29433 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID cfc9556a9211 Credits Mika Required privilege...
CVE-2022-29433
creationtimestamp| type| source ---|---|--- 2022-05-13 20:27:19+00:00| seen| https://t.me/cibsecurity/42691...
CVE-2022-29433
Authenticated contributor or higher role Cross-Site Scripting XSS vulnerability in Donations plugin = 1.8 on WordPress...
CVE-2022-29433
The CVE-2022-29433 entry concerns the WordPress Donations plugin (versions ≤ 1.8). The connected documents confirm an authenticated Stored Cross-Site Scripting (XSS) vulnerability where parameters are not properly sanitized/escaped, allowing a contributor+ (authenticated) user to trigger XSS. Imp...
CVE-2021-29433
Sydent is a reference Matrix identity server. In Sydent versions 2.2.0 and prior, sissing input validation of some parameters on the endpoints used to confirm third-party identifiers could cause excessive use of disk space and memory leading to resource exhaustion. A patch for the vulnerability i...
CVE-2021-29433
CVE-2021-29433 affects Sydent (Matrix identity server) for versions 2.2.0 and earlier, where insufficient input validation on endpoints used to confirm third-party identifiers could cause excessive disk space and memory use, leading to resource exhaustion. A fix is available in version 2.3.0; no ...
CVE-2021-29433 Denial of service (via resource exhaustion) due to improper input validation
Sydent is a reference Matrix identity server. In Sydent versions 2.2.0 and prior, sissing input validation of some parameters on the endpoints used to confirm third-party identifiers could cause excessive use of disk space and memory leading to resource exhaustion. A patch for the vulnerability i...
CVE-2021-29433
Removed by vendor...