54 matches found
MINI-5674-8JH2-534M
Bulletin has no description...
MINI-5674-XFC7-WWJX
Bulletin has no description...
EPSON Printers Uncontrolled Search Path Element (CVE-2020-5674)
Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...
CVE-2025-5674
A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file urinalysisform.php. The manipulation of the argument urinalysisid leads to sql injection. The attack may be launched remotel...
CVE-2025-5674
CVE-2025-5674 affects code-projects Patient Record Management System 1.0. The vulnerability is a SQL injection in urinalysis_form.php caused by lack of validation of the urinalysis_id parameter, enabling remote exploitation. Multiple connected sources (CNVD, Red Hat, CNVD/CVELIST mirrors, CNNVD, ...
CVE-2025-5674 code-projects Patient Record Management System urinalysis_form.php sql injection
A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file urinalysisform.php. The manipulation of the argument urinalysisid leads to sql injection. The attack may be launched remotel...
CVE-2025-5674 code-projects Patient Record Management System urinalysis_form.php sql injection
A vulnerability was found in code-projects Patient Record Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file urinalysisform.php. The manipulation of the argument urinalysisid leads to sql injection. The attack may be launched remotel...
CVE-2024-5674
The Newsletter - API v1 and v2 addon plugin for WordPress is vulnerable to unauthorized subscribers management due to PHP type juggling issue on the checkapikey function in all versions up to, and including, 2.4.5. This makes it possible for unauthenticated attackers to list, create or delete...
CVE-2023-5674
The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor...
CVE-2020-5674
Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...
CVE-2024-5674 Newsletter - API v1 and v2 addon for Newsletter <= 2.4.5 - Missing Authorization to Email Subscribers Management
The Newsletter - API v1 and v2 addon plugin for WordPress is vulnerable to unauthorized subscribers management due to PHP type juggling issue on the checkapikey function in all versions up to, and including, 2.4.5. This makes it possible for unauthenticated attackers to list, create or delete...
CVE-2024-5674 Newsletter - API v1 and v2 addon for Newsletter <= 2.4.5 - Missing Authorization to Email Subscribers Management
The Newsletter - API v1 and v2 addon plugin for WordPress is vulnerable to unauthorized subscribers management due to PHP type juggling issue on the checkapikey function in all versions up to, and including, 2.4.5. This makes it possible for unauthenticated attackers to list, create or delete...
WordPress Newsletter - API addon (Premium) Plugin <= 2.4.5 is vulnerable to Broken Access Control
Software Newsletter - API addon Premium Type Plugin Vulnerable versions = 2.4.5 Fixed in 2.4.6 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5674 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID f2621f00fec2 Credits Arkadiusz...
Debian: Security Advisory (DSA-5674-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian dsa-5674 : pdns-recursor - security update
The remote Debian 12 host has a package installed that is affected by a vulnerability as referenced in the dsa-5674 advisory. - A crafted response from an upstream server the recursor has been configured to forward-recurse to can cause a Denial of Service in the Recursor. The default configuratio...
Moderate: Red Hat Security Advisory: curl security and bug fix update
An update for curl is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for eac...
CVE-2023-5674
creationtimestamp| type| source ---|---|--- 2023-12-26 20:26:51+00:00| seen| https://t.me/ctinow/159438 2024-01-04 21:22:08+00:00| seen| https://t.me/ctinow/163232 2024-01-19 14:11:31+00:00| seen| https://t.me/ctinow/170202...
CVE-2023-5674
The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor...
CVE-2023-5674
The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor...
CVE-2023-5674 WP Mail Log < 1.1.3 – Contributor+ SQL Injection in wml_logs/send_mail endpoint
The WP Mail Log WordPress plugin before 1.1.3 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as Contributor...