EUVD-2011-2703

Malware in sbrugna...

EUVD-2008-0285

Malware in sbrugna...

EUVD-2007-5573

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-14867

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function...

WordPress 4.7.x < 4.7.24 Multiple Vulnerabilities

According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A SQL injection vulnerability within the Link API. - A Cross-Site Scripting XSS vulnerability on the Plugins screen. - An output escaping issue within themeta. Note that t...

phpMyAdmin 4.7.x < 4.8.4 Cross-Site Request Forgery

The version of phpMyAdmin installed on the remote host is affected by a Cross-Site Request Forgery XSRF/CSRF vulnerability leading to injection of harmful SQL queries. vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-report...

phpMyAdmin 4.7.x < 4.7.8 Cross-Site Scripting

The version of phpMyAdmin installed on the remote host does not sanitize user input used for the dbcentralcolumns parameter leading to a Cross-Site Scripting XSS vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's self-reported...

GHSA-2HP4-8H6H-93RR Typo3 Backend History Module Vulnerable to XSS

The Backend History Module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 does not properly restrict access, which allows remote authenticated editors to read the history of arbitrary records via a crafted URL...

GHSA-P9WG-JVJ4-CX26 Typo3 Install Tool XSS Vulnerability

Cross-site scripting XSS vulnerability in the Install Tool in TYPO3 4.5.x before 4.5.19, 4.6.x before 4.6.12 and 4.7.x before 4.7.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

GHSA-QMMW-CH2Q-J6XX Typo3 Backend API XSS Vulnerability

Cross-site scripting XSS vulnerability in the tree render API TCA-Tree in the Backend API in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 allows remote authenticated backend users to inject arbitrary web script or HTML via unspecified vectors...

GHSA-947M-VGQC-X6V4 Typo3 Backend History Module Vulnerable to SQL Injection

SQL injection vulnerability in the Backend History module in TYPO3 4.5.x before 4.5.21, 4.6.x before 4.6.14, and 4.7.x before 4.7.6 Due to missing encoding of user input, the history module is susceptible to SQL Injection and Cross-Site Scripting. A valid backend login is required to exploit this...

phpMyAdmin CSRF Vulnerability

phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a series of CSRF flaws. By deceiving a user into clicking on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new tables/routines, deleting designer pages, adding/deleting users,...

GHSA-XWF2-53MC-R8HX phpMyAdmin CSRF Vulnerability

phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a series of CSRF flaws. By deceiving a user into clicking on a crafted URL, it is possible to perform harmful SQL operations such as renaming databases, creating new tables/routines, deleting designer pages, adding/deleting users,...

GHSA-F9HX-5JQ4-FGJM phpMyAdmin CSRF Vulnerability

phpMyAdmin versions 4.7.x prior to 4.7.6.1/4.7.7 are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc...

phpMyAdmin CSRF Vulnerability

phpMyAdmin versions 4.7.x prior to 4.7.6.1/4.7.7 are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc...

CVE-2021-37155

wolfSSL 4.6.x through 4.7.x before 4.8.0 does not produce a failure outcome when the serial number in an OCSP request differs from the serial number in the OCSP response...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS wolfSSL 4.6.x through 4.7.x before 4.8.0 does not produce a failure outcome when the serial number in an OCSP request differs from the serial number in the OCSP response. Remediation Upgrade wolfssl to version 4.8....

phpMyAdmin 4.7.x < 4.7.7 XSRF (PMASA-2017-9)

According to its self-reported version, the phpMyAdmin application hosted on the remote web server is 4.7.x prior to 4.7.7. It is, therefore, affected by a cross-site request forgery XSRF vulnerability. An unauthenticated, remote attacker can exploit this, by deceiving a user to click on a crafte...

WordPress Car Rental System 1.3 Cross Site Scripting

Exploit Title: WordPress Car Rental System 1.3 XSS Vunlerability Google Dork:N/A Date: 2020-04-04 Exploit Author: @ThelastVvV Vendor Homepage: https://codecanyon.net/item/car-rental-system-wordpress-plugin/4239755?srank=3 Version: 1.3 Tested on: 5.4.0-kali4-amd64...

Huawei EulerOS: Security Advisory for ipa (EulerOS-SA-2020-1107)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...