66 matches found
Debian dsa-6070 : gir1.2-javascriptcoregtk-4.0 - security update
The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6070 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6070-1 [email protected]...
Debian: Security Advisory (DSA-6070-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EUVD-2001-0572
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-6070
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can cause a logi...
CVE-2025-6070
The Restrict File Access plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.1.2 via the output function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server...
CVE-2025-6070 Restrict File Access <= 1.1.2 - Authenticated (Subscriber+) Arbitrary File Read
The Restrict File Access plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.1.2 via the output function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server...
CVE-2025-6070 Restrict File Access <= 1.1.2 - Authenticated (Subscriber+) Arbitrary File Read
The Restrict File Access plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 1.1.2 via the output function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to read the contents of arbitrary files on the server...
WordPress Restrict File Access plugin <= 1.1.2 - Authenticated (Subscriber+) Arbitrary File Read vulnerability
Authenticated Subscriber+ Arbitrary File Read vulnerability discovered by johska in WordPress Plugin Restrict File Access versions = 1.1.2...
CVE-2024-6070
The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...
WordPress If-So Dynamic Content Personalization Plugin < 1.8.0.4 is vulnerable to Cross Site Scripting (XSS)
Software If-So Dynamic Content Personalization Type Plugin Vulnerable versions 1.8.0.4 Fixed in 1.8.0.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6070 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID aeca1edb610d Credits...
CVE-2024-6070
The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...
CVE-2024-6070
The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...
CVE-2024-6070 if-so < 1.8.0.4 - Admin+ Stored XSS
The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...
CVE-2024-6070 if-so < 1.8.0.4 - Admin+ Stored XSS
The If-So Dynamic Content Personalization WordPress plugin before 1.8.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in...
CVE-2012-6070
creationtimestamp| type| source ---|---|--- 2024-02-23 18:11:32+00:00| seen| https://t.me/ctinow/191989...
CVE-2023-6070
creationtimestamp| type| source ---|---|--- 2023-12-20 10:11:48+00:00| seen| https://t.me/ctinow/156850...
CVE-2023-6070
The connected sources provide concrete details for CVE-2023-6070: an SSRF vulnerability in Trellix ESM (Enterprise Security Manager) versions prior to 11.6.8. A low-privileged authenticated user can upload arbitrary content through the certificate validation functionality, potentially altering co...
CVE-2023-48646
Zoho ManageEngine RecoveryManager Plus before 6070 allows admin users to execute arbitrary commands via proxy settings...
PT-2023-7559 · Zoho · Zoho Manageengine Recovery Manager Plus
Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine RecoveryManager Plus versions prior to 6070 Description: The issue allows admin users to execute arbitrary commands via proxy settings. This is due to a failure to neutralize special elements, which can be exploited by a...
ZOHO ManageEngine RecoveryManager Plus Security Vulnerability
ZOHO ManageEngine RecoveryManager Plus is a backup and recovery solution from ZOHO, Inc. A security vulnerability exists in ZOHO ManageEngine RecoveryManager Plus versions prior to 6070 that originates from allowing an administrator user to execute arbitrary commands via proxy settings...