52 matches found
CVE-2023-4630
An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which any user can read limited information about any project's imports...
CVE-2024-4630
The Starter Templates — Elementor, WordPress & Beaver Builder Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘customuploadmimes’ function in versions up to, and including, 4.2.0 due to insufficient input sanitization and output escaping. This makes it possible...
CVE-2022-4630
Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master...
WordPress Starter Templates Plugin <= 4.2.1 is vulnerable to Cross Site Scripting (XSS)
Software: Starter Templates; Type: Plugin; Vulnerable versions: <= 4.2.1; Fixed in: 4.2.2; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2024-4630; Patch priority: Low; CVSS severity: Low (6.5); PSID: 24edcd535038; Credits: wesley wcraft; Required...
CVE-2024-4630 Starter Templates — Elementor, WordPress & Beaver Builder Templates <= 4.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Starter Templates — Elementor, WordPress & Beaver Builder Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘customuploadmimes’ function in versions up to, and including, 4.2.0 due to insufficient input sanitization and output escaping. This makes it possible...
CVE-2023-4630
CVE-2023-4630 affects GitLab, where any user could read limited information about any project’s imports across multiple branches: versions 10.6–16.1.4, 16.2.0–16.2.4, and 16.3.0. The issue’s root cause is described in the sources as an information-disclosure flaw within project imports access. Re...
CVE-2023-4630 Missing Authorization in GitLab
An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which any user can read limited information about any project's imports...
CVE-2023-4630
An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which any user can read limited information about any project's imports...
Oracle Linux 7 : qemu (ELSA-2019-4630)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4630 advisory. - x86: Document CVE-2018-12126 CVE-2018-12130 CVE-2018-12127 CVE-2019-11091 as fixed Mark Kanda Orabug: 29744956 CVE-2018-12126 CVE-2018-12127...
GitLab 10.6 < 16.1.5 / 16.2 < 16.2.5 / 16.3 < 16.3.1 (CVE-2023-4630)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - An issue has been discovered in GitLab affecting all versions starting from 10.6 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which an...
SUSE: Security Advisory (SUSE-SU-2022:4630-1)
The remote host is missing an update for the...
SUSE SLED15 / SLES15 Security Update : systemd (SUSE-SU-2022:4630-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:4630-1 advisory. - A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump n...
CVE-2022-4630
Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master...
CVE-2022-4630 Sensitive Cookie Without 'HttpOnly' Flag in lirantal/daloradius
Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master...
CVE-2022-4630
CVE-2022-4630 affects daloradius (GitHub repository lirantal/daloradius) with a missing HttpOnly flag on sensitive cookies prior to the master branch. Root cause: session cookie (PHPSESSID) transmitted without HttpOnly protection, enabling potential access to sensitive data. Documented impact ind...
CVE-2022-4630 Sensitive Cookie Without 'HttpOnly' Flag in lirantal/daloradius
Sensitive Cookie Without 'HttpOnly' Flag in GitHub repository lirantal/daloradius prior to master...
HP OfficeJet 4630/7110 MYM1FN2025AR/2117A - Stored Cross-Site Scripting (XSS)
Exploit Title: HP OfficeJet 4630/7110 MYM1FN2025AR 2117A – Stored Cross-Site Scripting (XSS); Date: 01/08/2021; Exploit Author: Tyler Butler; Vendor Homepage: https://www8.hp.com/; Vendor Bulletin: https://support.hp.com/ie-en/document/ish4433829-4433857-16/hpsbpi03742; Researcher Bulletin:...
HP OfficeJet 4630/7110 MYM1FN2025AR/2117A - Stored Cross-Site Scripting Exploit
Exploit Title: HP OfficeJet 4630/7110 MYM1FN2025AR 2117A – Stored Cross-Site Scripting (XSS); Exploit Author: Tyler Butler; Vendor Homepage: https://www8.hp.com/; Vendor Bulletin: https://support.hp.com/ie-en/document/ish4433829-4433857-16/hpsbpi03742; Researcher Bulletin:...
HP OfficeJet 4630/7110 MYM1FN2025AR 2117A Cross Site Scripting
Exploit Title: HP OfficeJet 4630/7110 MYM1FN2025AR 2117A – Stored Cross-Site Scripting (XSS); Date: 01/08/2021; Exploit Author: Tyler Butler; Vendor Homepage: https://www8.hp.com/; Vendor Bulletin: https://support.hp.com/ie-en/document/ish4433829-4433857-16/hpsbpi03742; Researcher Bulletin:...
Unauthorized access vulnerability in HP Officejet 4630 e-All-in-One Printer series
The HP Officejet 4630 e-All-in-One Printer series is an all-in-one printer from HP Trading Shanghai Co. An unauthorized access vulnerability exists in the HP Officejet 4630 e-All-in-One Printer series, which can be exploited by attackers to obtain sensitive information...