16 matches found
CVE-2020-37213
TextCrawler Pro 3.1.1 contains a denial of service vulnerability that allows attackers to crash the application by sending an oversized buffer in the license key field. Attackers can generate a 6000-byte payload and paste it into the activation field to trigger an application crash...
MAL-2025-37213 Malicious code in trisus (npm)
The package trisus was found to contain malicious code...
CVE-2024-37213
Cross-Site Request Forgery CSRF vulnerability in guru-aliexpress AliNext ali2woo-lite allows Cross Site Request Forgery.This issue affects AliNext: from n/a through = 3.4.6...
CVE-2024-37213
creationtimestamp| type| source ---|---|--- 2024-07-12 16:56:23+00:00| seen| https://t.me/cvedetector/754...
CVE-2024-37213
Cross-Site Request Forgery CSRF vulnerability in guru-aliexpress AliNext ali2woo-lite allows Cross Site Request Forgery.This issue affects AliNext: from n/a through = 3.4.6...
CVE-2024-37213
CVE-2024-37213 is described as a CSRF to XSS vulnerability in the WordPress plugin Ali2Woo Lite, affecting Ali2Woo Lite versions up to 3.3.9. The connected sources confirm the issue type and affected version range but do not provide a public fix version or detailed root-cause exploitation steps w...
WordPress Ali2Woo Lite Plugin <= 3.4.7 is vulnerable to Cross Site Request Forgery (CSRF)
Software Ali2Woo Lite Type Plugin Vulnerable versions = 3.4.7 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-37213 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 1377af0c8513 Credits Majed Refaea Required...
CVE-2023-37213
creationtimestamp| type| source ---|---|--- 2023-07-30 12:30:51+00:00| seen| https://t.me/cibsecurity/67419...
CVE-2023-37213
Synel SYnergy Fingerprint Terminals - CWE-78: 'OS Command Injection'...
CVE-2023-37213 Synel SYnergy Fingerprint Terminals - CWE-78: 'OS Command Injection'
Synel SYnergy Fingerprint Terminals - CWE-78: 'OS Command Injection'...
CVE-2023-37213 Synel SYnergy Fingerprint Terminals - CWE-78: 'OS Command Injection'
Synel SYnergy Fingerprint Terminals - CWE-78: 'OS Command Injection'...
CVE-2023-37213
CVE-2023-37213 affects Synel SYnergy Fingerprint Terminals. The connected documents describe an OS Command Injection vulnerability (CWE-78) in the devices, with the issue enabling potential remote command execution via the OS shell. CVSS metrics from NVD/CNA indicate high impact on confidentialit...
CVE-2021-37213
The check-in record page of Flygo contains Insecure Direct Object Reference IDOR vulnerability. After being authenticated as a general user, remote attackers can manipulate the employee ID and date in specific parameters to access particular employee’s check-in record...
CVE-2021-37213
The CVE-2021-37213 entry concerns Flygo, an attendance/clocking system by Larvata. Affected component: the check-in record page where an authenticated general user can exploit an insecure direct object reference (IDOR) by altering parameters (employee ID and date) to access other employees’ check...
CVE-2021-37213 Larvata Digital Technology Co. Ltd. FLYGO - Use of Incorrectly-Resolved Name or Reference-2
The check-in record page of Flygo contains Insecure Direct Object Reference IDOR vulnerability. After being authenticated as a general user, remote attackers can manipulate the employee ID and date in specific parameters to access particular employee’s check-in record...
Microsoft IE CAttrArray对象远程代码执行漏洞(MS09-072)
BUGTRAQ ID: 37213 CVE ID: CVE-2009-3674 Internet Explorer是Windows操作系统中默认捆绑的WEB浏览器。 Internet Explorer在解除分配对CAttrArray对象的循环引用期间存在内存破坏漏洞。如果在关闭网页之前释放了CAttrArray对象,IE在解除分配循环指针期间会访问已释放的内存,这可能导致以当前登录用户的权限执行任意指令。 Microsoft Internet Explorer 8.0 临时解决方法: 将Internet...