30 matches found
EUVD-2025-39359
Malicious code in tuti-tapai15-miaww npm...
CVE-2022-39359
Metabase is data visualization software. Prior to versions 0.44.5, 1.44.5, 0.43.7, 1.43.7, 0.42.6, 1.42.6, 0.41.9, and 1.41.9, custom GeoJSON map URL address would follow redirects to addresses that were otherwise disallowed, like link-local or private-network. This issue is patched in versions...
CVE-2025-39359
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in codeworkweb CWW Portfolio cww-portfolio allows PHP Local File Inclusion. This issue affects CWW Portfolio: from n/a through <= 1.3.1...
CVE-2025-39359
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in codeworkweb CWW Portfolio cww-portfolio allows PHP Local File Inclusion. This issue affects CWW Portfolio: from n/a through <= 1.3.1...
CVE-2025-39359
CVE-2025-39359 corresponds to a Local File Inclusion in WordPress Theme CWW Portfolio (WordPress plugin/theme) version 1.3.1 and earlier. The vulnerability arises from improper control of filenames in PHP Include/Require, enabling LFI. Connected patch/patchstack entries confirm affected software:...
CVE-2025-39359 WordPress CWW Portfolio theme <= 1.3.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in codeworkweb CWW Portfolio cww-portfolio allows PHP Local File Inclusion. This issue affects CWW Portfolio: from n/a through <= 1.3.1...
CVE-2025-39359 WordPress CWW Portfolio theme <= 1.3.1 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in codeworkweb CWW Portfolio cww-portfolio allows PHP Local File Inclusion. This issue affects CWW Portfolio: from n/a through <= 1.3.1...
WordPress CWW Portfolio Theme <= 1.3.1 is vulnerable to Local File Inclusion
Software: CWW Portfolio; Type: Theme; Vulnerable versions: <= 1.3.1; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Local File Inclusion; CVE: CVE-2025-39359; Patch priority: High; CVSS severity: High 7.5; Developer: Claim ownership; PSID: ee2d399fdc37; Credits: Dimas Maulana; Required privilege...
Linux Distros Unpatched Vulnerability : CVE-2021-39359
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GNOME libgda through 6.0.0, gda-web-provider.c does not enable TLS certificate verification on the SoupSessionSync objects it creates, leaving users vulnerab...
CVE-2024-39359
CVE-2024-39359 describes a stack-based buffer overflow in the Wavlink AC3000 wireless.cgi DeleteMac() function (variant M33A8.V5030.210505). A specially crafted, authenticated HTTP request can trigger arbitrary code execution via uncontrolled copies in DeleteMac(), with evidence of an abuse chain...
Wavlink AC3000 wireless.cgi DeleteMac() buffer overflow vulnerability
Talos Vulnerability Report TALOS-2024-2040: Wavlink AC3000 wireless.cgi DeleteMac buffer overflow vulnerability. January 14, 2025. CVE Number: CVE-2024-39359. SUMMARY: A stack-based buffer overflow vulnerability exists in the wireless.cgi DeleteMac functionality of Wavlink AC3000 M33A8.V5030.210505. A...
Debian DSA-5550-1 : cacti - security update
The remote Debian 11 / 12 host has a package installed that is affected by multiple vulnerabilities as referenced in the dsa-5550 advisory. Multiple security vulnerabilities have been discovered in Cacti, a web interface for graphing of monitoring systems, which could result in cross-site...
[SECURITY] [DSA 5550-1] cacti security update
Debian Security Advisory DSA-5550-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 08, 2023 https://www.debian.org/security/faq -...
Fedora: Security Advisory (FEDORA-2023-248dff7cbe)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for cacti-spine (FEDORA-2023-6335ea9c0c)
The remote host is missing an update for the...
Fedora: Security Advisory for cacti (FEDORA-2023-06a2a6e03c)
The remote host is missing an update for the...
Fedora: Security Advisory for cacti-spine (FEDORA-2023-06a2a6e03c)
The remote host is missing an update for the...
Fedora: Security Advisory for cacti (FEDORA-2023-6335ea9c0c)
The remote host is missing an update for the...
CVE-2023-39359
creationtimestamp | type | source
---|---|---
2023-09-06 00:17:18+00:00 | seen | https://t.me/cibsecurity/69902...
DEBIAN-CVE-2023-39359
Cacti is an open source operational monitoring and fault management framework. An authenticated SQL injection vulnerability was discovered which allows authenticated users to perform privilege escalation and remote code execution. The vulnerability resides in the graphs.php file. When dealing wit...