14 matches found
MAL-2025-36677 Malicious code in test-mlw2-zante-wetly (npm)
The package test-mlw2-zante-wetly was found to contain malicious code...
CVE-2024-36677
In the module "Login as customer PRO" loginascustomerpro 1.2.7 from Weblir for PrestaShop, a guest can access direct link to connect to each customer account of the Shop if the module is not installed OR if a secret accessible to administrator is stolen...
CVE-2024-36677
In the module "Login as customer PRO" loginascustomerpro 1.2.7 from Weblir for PrestaShop, a guest can access direct link to connect to each customer account of the Shop if the module is not installed OR if a secret accessible to administrator is stolen...
CVE-2024-36677
The CVE-2024-36677 affects Weblir’s PrestaShop module Login as customer PRO (versions
CVE-2022-36677
Obsidian Mind Map v1.1.0 allows attackers to execute arbitrary code via a crafted payload injected into an uploaded document...
CVE-2022-36677
Obsidian Mind Map v1.1.0 allows attackers to execute arbitrary code via a crafted payload injected into an uploaded document...
CVE-2022-36677
Obsidian Mind Map v1.1.0 allows attackers to execute arbitrary code via a crafted payload injected into an uploaded document...
CVE-2022-36677
CVE-2022-36677 : Obsidian Mind Map v1.1.0 is described as allowing arbitrary code execution via a crafted payload injected into an uploaded document. Multiple connected sources confirm this impact; the exact root cause is not detailed in the provided excerpts. CVSS v3.1 vectors suggest network at...
CVE-2023-36677
creationtimestamp| type| source ---|---|--- 2023-11-04 01:23:38+00:00| seen| https://t.me/cibsecurity/73550...
CVE-2023-36677
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Smartypants SP Project & Document Manager allows SQL Injection.This issue affects SP Project & Document Manager: from n/a through 4.67...
CVE-2023-36677
A vulnerability in smartypants SP Project & Document Manager sp-client-document-manager.This issue affects SP Project & Document Manager : from n/a through = 4.67...
CVE-2023-36677
CVE-2023-36677 concerns the WordPress SP Project & Document Manager plugin. The vulnerability is an SQL Injection caused by improper neutralization of special elements in an SQL command, affecting versions n/a through 4.67. The issue is categorized as high severity with potential impact to confid...
CVE-2023-36677 WordPress SP Project & Document Manager plugin <= 4.67 - SQL Injection
A vulnerability in smartypants SP Project & Document Manager sp-client-document-manager.This issue affects SP Project & Document Manager : from n/a through = 4.67...
WordPress SP Project & Document Manager Plugin <= 4.67 is vulnerable to SQL Injection
Software SP Project & Document Manager Type Plugin Vulnerable versions = 4.67 Fixed in 4.68 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-36677 Patch priority High CVSS severity High 8.3 Developer Claim ownership PSID 5776b5f22100 Credits Le Ngoc Anh Required privilege...