WordPress Projectopia plugin <= 5.1.17 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by 0xd4rk5id3 in WordPress Plugin Projectopia versions = 5.1.17...

PT-2024-34307 · Unknown · Fluent Forms

Name of the Vulnerable Software and Affected Versions: Fluent Forms versions up to, and including, 5.1.18 Description: The issue is related to an insufficient capability check on the verifyRequest function, allowing Form Managers with a Subscriber-level access and above to modify the Mailchimp AP...

Oracle MySQL Server < 5.1.18 Information Disclosure Vulnerability

Oracle MySQL Server is prone to an information disclosure vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

[SECURITY] Fedora 29 Update: kernel-5.1.18-200.fc29

The kernel meta package...

MySQL 5.1 < 5.1.18 Multiple Vulnerabilities

The version of MySQL installed on the remote host reportedly is affected by several issues : - Evaluation of an 'IN' predicate with a decimal-valued argument causes a service crash. - A user can rename a table even though he does not have DROP privileges. - If a stored routine is declared as 'SQL...

CVE-2007-2693

MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement...

CVE-2007-2693

MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement...

CVE-2007-2583

The indecimal::set function in itemcmpfunc.cc in MySQL before 5.0.40, and 5.1 before 5.1.18-beta, allows context-dependent attackers to cause a denial of service crash via a crafted IF clause that results in a divide-by-zero error and a NULL pointer dereference...

Cross site scripting

Cross-site scripting XSS vulnerability in register.php in Phorum 5.1.18 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the vendor disputes this vulnerability, stating that "The characters are escaped properly...

CVE-2007-0769

Cross-site scripting XSS vulnerability in register.php in Phorum 5.1.18 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the vendor disputes this vulnerability, stating that "The characters are escaped properly...

CVE-2007-0767

Phorum CVE-2007-0767 is an XSS vulnerability in the core of Phorum prior to version 5.1.18, allowing remote attackers to inject arbitrary script or HTML via unspecified vectors. The available sources indicate impact to confidentiality, integrity, and availability (partial), with network access an...

CVE-2007-0769

Cross-site scripting XSS vulnerability in register.php in Phorum 5.1.18 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: the vendor disputes this vulnerability, stating that "The characters are escaped properly...

CVE-2007-0769

Phorum 5.1.18 contains an XSS vulnerability in register.php (CVE-2007-0769). The vulnerability is described as allowing remote attackers to inject arbitrary scripts/HTML via unspecified vectors. The vendor disputes the flaw, stating that characters are escaped properly. Public details do not spec...

CVE-2007-0767

Cross-site scripting XSS vulnerability in the core in Phorum before 5.1.18 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...