EUVD-2024-28175

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2021-20330

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An attacker with basic CRUD permissions on a replicated collection can run the applyOps command with specially malformed oplog entries, resulting in a potential...

CVE-2024-32090

Cross-Site Request Forgery CSRF vulnerability in andymoyle Church Admin church-admin.This issue affects Church Admin: from n/a through = 4.0.27...

PT-2024-24395 · Unknown · Andy Moyle Church Admin

Name of the Vulnerable Software and Affected Versions: Andy Moyle Church Admin versions 4.0.27 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web applicati...

WordPress Church Admin Plugin <= 4.0.27 is vulnerable to Cross Site Request Forgery (CSRF)

Software Church Admin Type Plugin Vulnerable versions = 4.0.27 Fixed in 4.0.28 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-32090 Patch priority Low CVSS severity Low 4.3 Developer Andy Moyle PSID 74fcfce5e41d Credits Dhabaleshwar Das Required...

CVE-2024-30244

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 4.0.27...

CVE-2024-30244

CVE-2024-30244 affects the WordPress plugin Church Admin (versions

PT-2024-23291

Name of the Vulnerable Software and Affected Versions Andy Moyle Church Admin versions 4.0.27 and earlier Description The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation by injecti...

VulnCheck KEV: CVE-2024-30244

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in andymoyle Church Admin church-admin.This issue affects Church Admin: from n/a through = 4.0.27...

WordPress Church Admin Plugin <= 4.0.27 is vulnerable to SQL Injection

Software Church Admin Type Plugin Vulnerable versions = 4.0.27 Fixed in 4.0.28 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-30244 Patch priority Medium CVSS severity Medium 8.5 Developer Andy Moyle PSID f10836385922 Credits LVT-tholv2k Required privilege Contributor...

Gentoo Security Advisory GLSA 200605-13 (MySQL)

The remote host is missing updates announced in advisory GLSA 200605-13. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MySQL安全调用特权提升漏洞

MySQL是一款开放源代码的数据库程序。 MySQL在部分函数过程中不正确恢复访问特权，远程攻击者可以利用漏洞提升权限，进行其他攻击。 目前没有详细漏洞细节提供。 MySQL AB MySQL 5.1.17 MySQL AB MySQL 5.1.16 MySQL AB MySQL 5.1.15 MySQL AB MySQL 5.1.14 MySQL AB MySQL 5.1.13 MySQL AB MySQL 5.1.12 MySQL AB MySQL 5.1.11 MySQL AB MySQL 5.1.10 MySQL AB MySQL 5.1.9 MySQL AB MySQL 5.1...