17 matches found
CVE-2023-32104
Cross-Site Request Forgery (CSRF) vulnerability in Mark Tilly MyCurator Content Curation plugin <= 3.74 versions...
CVE-2023-23324
Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...
CVE-2024-31224
GPT Academic provides interactive interfaces for large language models. A vulnerability was found in gptacademic versions 3.64 through 3.73. The server deserializes untrustworthy data from the client, which may risk remote code execution. Any device that exposes the GPT Academic service to the...
CVE-2024-31224
GPT Academic’s CVE-2024-31224 affects versions 3.64–3.73 of the GPT Academic interface. The root cause is unsafe deserialization of data from the client, which may allow remote code execution when the service is exposed to the Internet. The issue is mitigated by upgrading to version 3.74, which c...
CVE-2024-31224 GPT Academic: Pickle deserializing cookies may pose RCE risk
GPT Academic provides interactive interfaces for large language models. A vulnerability was found in gptacademic versions 3.64 through 3.73. The server deserializes untrustworthy data from the client, which may risk remote code execution. Any device that exposes the GPT Academic service to the...
CVE-2023-23324
Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...
CVE-2023-23324
Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...
PT-2023-19518 · Zumtobel · Zumtobel Netlink Ccd Onboard
Name of the Vulnerable Software and Affected Versions: Zumtobel Netlink CCD Onboard version 3.74 Description: A buffer overflow issue was discovered in the NetlinkWeb::Information::SetDeviceIdentification component. This issue affects the specified version of the Zumtobel Netlink CCD Onboard...
PT-2023-18907 · Zumtobel · Zumtobel Netlink Ccd Onboard
Name of the Vulnerable Software and Affected Versions: Zumtobel Netlink CCD Onboard versions 3.74 through 3.79 Description: A command injection issue was discovered via the NetHostname parameter. This allows for potential exploitation. Recommendations: For Zumtobel Netlink CCD Onboard versions 3....
Zumtobel Netlink CCD Onboard Security Breach
The Zumtobel Netlink CCD Onboard is a gateway control unit device from Zumtobel Austria. A security vulnerability exists in Zumtobel Netlink CCD Onboard version 3.74 with firmware version 3.80, which stems from the system containing hard-coded credentials for the administrator account...
CVE-2023-32104 WordPress MyCurator Content Curation Plugin <= 3.74 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery (CSRF) vulnerability in Mark Tilly MyCurator Content Curation plugin <= 3.74 versions...
WordPress Plugin MyCurator Content Curation Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site request forger...
PT-2023-23614 · Mark Tilly · Mycurator Content Curation Plugin
Name of the Vulnerable Software and Affected Versions: Mark Tilly MyCurator Content Curation plugin versions <= 3.74 Description: The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended action...
Popup Builder < 3.74 - Authenticated Reflected Cross-Site Scripting (XSS)
The "All Subscribers" setting page of Popup Builder was vulnerable to reflected Cross-Site Scripting. http://example.com/wp-admin/edit.php?posttype=popupbuilder&page=sgpbSubscribers&sgpb-subscribers-date=%22%3E%3Cscript%3Ealert%28origin%29%3C%2Fscript%3E Video:...
Popup Builder < 3.74 - Authenticated Reflected Cross-Site Scripting (XSS)
The "All Subscribers" setting page of Popup Builder was vulnerable to reflected Cross-Site Scripting. PoC http://example.com/wp-admin/edit.php?posttype=popupbuilder&page=sgpbSubscribers&sgpb-subscribers-date=%22%3E%3Cscript%3Ealert%28origin%29%3C%2Fscript%3E Video:...
Design/Logic Flaw
Untrusted search path vulnerability in Apsaly before 3.74 allows local users to gain privileges via a Trojan horse executable file in the current working directory...
SigPlus Pro ActiveX Control 'LCDWriteString()' Buffer Overflow Vulnerability
This host is installed with SigPlus Pro ActiveX Control and is prone to a buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbsigplusproactivexcontrolbofvuln.nasl 5373 2017-02-20 16:27:48Z teissa $ SigPlus Pro ActiveX Control 'LCDWriteString' Buffer Overflow Vulnerability Authors: Soor...