21 matches found
CVE-2026-42458
Magento Long Term Support LTS is an unofficial, community-driven project that provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to 20.18.0, there is a reflected XSS vulnerability under admin panel - System - Import/Export -...
CVE-2022-42458
Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version 1.7.4.1 and earlier allows a remote unauthenticated attacker to upload an arbitrary file. As a result, an arbitrary script may be executed and/or a file may be altered...
EUVD-2025-42458
Malicious code in putri-gudeg98-riris npm...
Linux Distros Unpatched Vulnerability : CVE-2024-42458
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - server.c in Neat VNC aka neatvnc before 0.8.1 does not properly validate the security type, a related issue to CVE-2006-2369. CVE-2024-42458 Note that Nessus...
Fedora 40 : neatvnc (2024-1fbf7f22e0)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-1fbf7f22e0 advisory. new version RHBZ 2302449,2302450 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...
CVE-2024-42458
creationtimestamp | type | source
---|---|---
2024-08-02 07:19:47+00:00 | seen | https://t.me/cvedetector/2325
2024-08-08 14:30:36+00:00 | seen | https://t.me/MrVGunz/1241
2024-08-10 21:41:30+00:00 | seen | https://t.me/HackingInsights/9235
...
CVE-2024-42458
server.c in Neat VNC aka neatvnc before 0.8.1 does not properly validate the security type, a related issue to CVE-2006-2369...
CVE-2024-42458
server.c in Neat VNC aka neatvnc before 0.8.1 does not properly validate the security type, a related issue to CVE-2006-2369...
CVE-2024-42458
server.c in Neat VNC aka neatvnc before 0.8.1 does not properly validate the security type, a related issue to CVE-2006-2369...
CVE-2024-42458
server.c in Neat VNC aka neatvnc before 0.8.1 does not properly validate the security type, a related issue to CVE-2006-2369...
CVE-2024-42458
server.c in Neat VNC aka neatvnc before 0.8.1 does not properly validate the security type, a related issue to CVE-2006-2369...
CVE-2023-42458
creationtimestamp | type | source
---|---|---
2023-09-22 14:13:19+00:00 | seen | https://t.me/cibsecurity/70910
...
plone.restapi vulnerable to Stored Cross Site Scripting with SVG image in user portrait
Impact There is a stored cross site scripting vulnerability for SVG images uploaded in user portraits. Note that a page that uses an image tag with an SVG image as source is never vulnerable, even when the SVG image contains malicious code. To exploit the vulnerability, an attacker would first ne...
GHSA-HC5C-R8M5-2GFH plone.restapi vulnerable to Stored Cross Site Scripting with SVG image in user portrait
Impact There is a stored cross site scripting vulnerability for SVG images uploaded in user portraits. Note that a page that uses an image tag with an SVG image as source is never vulnerable, even when the SVG image contains malicious code. To exploit the vulnerability, an attacker would first ne...
CVE-2023-42458 Zope vulnerable to Stored Cross Site Scripting with SVG images
Zope is an open-source web application server. Prior to versions 4.8.10 and 5.8.5, there is a stored cross site scripting vulnerability for SVG images. Note that an image tag with an SVG image as source is never vulnerable, even when the SVG image contains malicious code. To exploit the...
CVE-2023-42458
CVE-2023-42458 affects the Zope web application server. A stored cross-site scripting (XSS) vulnerability exists for SVG images in versions prior to 4.8.10 and 5.8.5. An attacker would need to upload an image and lure a user to click a crafted link to trigger the vulnerability; however, an image ...
CVE-2022-42458
Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version 1.7.4.1 and earlier allows a remote unauthenticated attacker to upload an arbitrary file. As a result, an arbitrary script may be executed and/or a file may be altered...
CVE-2022-42458
Authentication bypass using an alternate path or channel vulnerability in bingo!CMS version 1.7.4.1 and earlier allows a remote unauthenticated attacker to upload an arbitrary file. As a result, an arbitrary script may be executed and/or a file may be altered...
CVE-2022-42458
CVE-2022-42458 affects bingo!CMS versions 1.7.4.1 and earlier, where an authentication bypass vulnerability in management functions allows remote, unauthenticated attackers to upload arbitrary files, potentially enabling arbitrary script execution or file modification. The Red Hat and JVN entries...
CVE-2022-42458
creationtimestamp | type | source
---|---|---
2022-10-11 07:00:07+00:00 | published-proof-of-concept | https://t.me/TopCyberTechNews/175
2022-12-07 12:24:52+00:00 | seen | https://t.me/cibsecurity/54119
...