CVE-2023-45639

Cross-Site Request Forgery CSRF vulnerability in Codex-m Sort SearchResult By Title plugin = 10.0 versions...

CVE-2022-45639 affecting package sleuthkit 4.9.0-4

CVE-2022-45639 affecting package sleuthkit 4.9.0-4. This CVE either no longer is or was never applicable...

CVE-2023-45639

CVE-2023-45639 concerns the WordPress plugin Sort SearchResult By Title (Codex-m) with versions

WordPress Sort SearchResult By Title Plugin <= 10.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software Sort SearchResult By Title Type Plugin Vulnerable versions = 10.0 Fixed in 11.0 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-45639 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 3afb47c8e79f Credits Skalucy...

sleuthkit 4.11.1 - Command Injection Exploit

Exploit Title: sleuthkit 4.11.1 - Command Injection CVE-2022-45639 Vendor Homepage: https://github.com/sleuthkit Vulnerability Type: Command injection Attack Type: Local Version: 4.11.1 Exploit Author: Dino Barlattani, Giuseppe Granato Link poc: https://www.binaryworld.it/guidepoc.aspCVE-2022-456...

Sleuthkit 4.11.1 Command Injection

Exploit Title: sleuthkit 4.11.1 - Command Injection Date: 2023-01-20 CVE-2022-45639 Vendor Homepage: https://github.com/sleuthkit Vulnerability Type: Command injection Attack Type: Local Version: 4.11.1 Exploit Author: Dino Barlattani, Giuseppe Granato Link poc:...

CVE-2022-45639

creationtimestamp| type| source ---|---|--- 2023-01-24 07:25:30+00:00| seen| https://t.me/cibsecurity/56887...

CVE-2022-45639

SLEUTHKIT: CVE-2022-45639 affects the fls tool (SleuthKit) 4.11.1, enabling OS command injection via a crafted value to the -m parameter. The vulnerability stems from the handling of the input in the m field, potentially allowing an attacker to execute arbitrary commands on the host when run loca...

CVE-2022-45639

OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows attackers to execute arbitrary commands via a crafted value to the m parameter. NOTE: third parties have disputed this because there is no analysis showing that the backtick command executes outside the context of the user...

CVE-2022-45639

OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows attackers to execute arbitrary commands via a crafted value to the m parameter. NOTE: third parties have disputed this because there is no analysis showing that the backtick command executes outside the context of the user...

CVE-2021-45639

CVE-2021-45639 describes a reflected cross-site scripting (XSS) vulnerability affecting a wide range of NETGEAR devices. The issue impacts multiple models (e.g., CBR40, EAX20, EAX80, EX6120/6130/7000/7500, R7000/7900/7960P/8000/AX families, XR300, EX3700, MR60, R6900P, R7000P, R8000P, RAXxx, RBR/...

CVE-2021-45639

Certain NETGEAR devices are affected by reflected XSS. This affects CBR40 before 2.5.0.10, EAX20 before 1.0.0.32, EAX80 before 1.0.1.62, EX6120 before 1.0.0.64, EX6130 before 1.0.0.44, EX7000 before 1.0.1.104, EX7500 before 1.0.0.72, R7000 before 1.0.11.110, R7900 before 1.0.4.30, R7960P before...