18 matches found
EUVD-2025-35781
Not used...
CVE-2024-35781
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in YAHMAN Word Balloon allows PHP Local File Inclusion.This issue affects Word Balloon: from n/a through 4.21.1...
CVE-2024-35781
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in YAHMAN Word Balloon allows PHP Local File Inclusion.This issue affects Word Balloon: from n/a through 4.21.1...
CVE-2024-35781 WordPress Word Balloon plugin <= 4.21.1 - Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in YAHMAN Word Balloon allows PHP Local File Inclusion.This issue affects Word Balloon: from n/a through 4.21.1...
CVE-2024-35781 WordPress Word Balloon plugin <= 4.21.1 - Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in YAHMAN Word Balloon allows PHP Local File Inclusion.This issue affects Word Balloon: from n/a through 4.21.1...
CVE-2024-35781
CVE-2024-35781 is a Word Balloon WordPress plugin vulnerability (authenticated) that allows PHP Local File Inclusion due to improper pathname limitation. Affected: Word Balloon up to and including version 4.21.1. Root cause: path traversal restricting access to restricted directories is insuffici...
WordPress Word Balloon Plugin <= 4.21.1 is vulnerable to Local File Inclusion
Software Word Balloon Type Plugin Vulnerable versions = 4.21.1 Fixed in 4.22.0 OWASP Top 10 A6: Security Misconfiguration Classification Local File Inclusion CVE CVE-2024-35781 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2b66b1bcd514 Credits João Pedro S Alcântara...
CVE-2023-35781
creationtimestamp| type| source ---|---|--- 2023-07-11 12:42:59+00:00| seen| https://t.me/cibsecurity/66338...
CVE-2023-35781
Cross-Site Request Forgery CSRF vulnerability in LWS Cleaner plugin = 2.3.0 versions...
CVE-2023-35781 WordPress LWS Cleaner Plugin <= 2.3.0 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in LWS Cleaner plugin = 2.3.0 versions...
CVE-2023-35781
The CVE-2023-35781 entry concerns the WordPress plugin LWS Cleaner, affected versions
WordPress LWS Cleaner Plugin <= 2.3.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software LWS Cleaner Type Plugin Vulnerable versions = 2.3.0 Fixed in 2.3.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-35781 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID eac11e5294d8 Credits konagash Required...
CVE-2022-35781
creationtimestamp| type| source ---|---|--- 2022-08-10 00:25:03+00:00| seen| https://t.me/cibsecurity/47801 2022-08-10 00:31:03+00:00| seen| https://t.me/cibsecurity/47820...
CVE-2022-35781
CVE-2022-35781 is listed across multiple feeds as an Elevation of Privilege vulnerability related to Microsoft Azure Site Recovery. Connected documents identify affected components (Azure Site Recovery/Open Management Infrastructure) and note privilege-escalation potential; a remediation path exi...
CVE-2022-35781 Azure Site Recovery Elevation of Privilege Vulnerability
...
CVE-2020-35781
NETGEAR NMS300 devices before 1.6.0.27 are affected by denial of service...
CVE-2020-35781
NETGEAR NMS300 devices before 1.6.0.27 are affected by denial of service...
CVE-2020-35781
The CVE-2020-35781 entry affects NETGEAR NMS300 devices prior to firmware 1.6.0.27, with a denial-of-service impact. The connected documents confirm the affected product and version constraint but do not provide details on root cause, attack vectors, or available fixes. Practical implications are...