33 matches found
CVE-2025-6326 WordPress Inset theme <= 1.18.0 - Local File Inclusion Vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Inset inset allows PHP Local File Inclusion.This issue affects Inset: from n/a through = 1.18.0...
CVE-2023-6326
The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.9.10. This is due to missing or incorrect nonce validation on the 'processbulkaction' function. This makes it possible for unauthenticated attackers...
CVE-2020-6326
SAP NetWeaver Knowledge Management, version-7.30,7.31,7.40,7.50, allows an authenticated attacker to create malicious links in the UI, when clicked by victim, will execute arbitrary java scripts thus extracting or modifying information otherwise restricted leading to Stored Cross Site Scripting...
CVE-2012-6326
VMware vCenter Server 4.1 before Update 3 and 5.0 before Update 2, and vCSA 5.0 before Update 2, allows remote attackers to cause a denial of service disk consumption via vectors that trigger large log entries...
CGA-6326-VCVP-J59P
Bulletin has no description...
CVE-2024-6326
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk® System Service. A malicious user could exploit this vulnerability by starting a back-up or restore process, which temporarily exposes private keys, passwords, pre-shared keys, and database folders wh...
CVE-2024-6326 Rockwell Automation Unsecured Private Keys in FactoryTalk® System Services
An exposure of sensitive information vulnerability exists in the Rockwell Automation FactoryTalk® System Service. A malicious user could exploit this vulnerability by starting a back-up or restore process, which temporarily exposes private keys, passwords, pre-shared keys, and database folders wh...
CVE-2023-6326
creationtimestamp| type| source ---|---|--- 2024-03-02 13:27:01+00:00| seen| https://t.me/ctinow/198348 2024-03-02 13:31:57+00:00| seen| https://t.me/ctinow/198353...
CVE-2023-6326
CVE-2023-6326 affects Master Slider – Responsive Touch Slider for WordPress. The issue is Cross-Site Request Forgery due to missing/incorrect nonce validation in process_bulk_action, enabling unauthenticated attackers to duplicate or delete sliders via forged admin actions. Public references (Red...
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM / 23.04 : GitPython vulnerability (USN-6326-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 ESM / 22.04 ESM / 23.04 host has packages installed that are affected by a vulnerability as referenced in the USN-6326-1 advisory. It was discovered that GitPython did not block insecure options from user inputs in the clone command. An attacker cou...
CVE-2016-6326
CVE-2016-6326 is rejected/not used; this CVE entry does not represent an active vulnerability.
CVE-2020-6326
SAP NetWeaver Knowledge Management (versions 7.30, 7.31, 7.40, 7.50) is exposed to a Stored Cross-Site Scripting vulnerability (CVE-2020-6326) where an authenticated attacker can create a malicious UI link that, when clicked, executes arbitrary JavaScript and may extract or modify restricted info...
CVE-2019-6326
CVE-2019-6326 affects HP Color LaserJet Pro M280-M281 Multifunction Printer series (before v20190419) and HP LaserJet Pro MFP M28-M31 Printer series (before v20190426). The vulnerability is a Buffer Overflow in the device’s embedded web server, triggered by processing memory operations without pr...
CVE-2018-14308
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2018-14308
CVE-2018-14308 affects Foxit Reader (and Foxit PhantomPDF) with versions before 9.2.0.9097. The root cause is a use-after-free in valueAsString handling where the code does not verify an object exists before operating on it, allowing remote code execution when a user visits a malicious page or op...
CVE-2017-6326
CVE-2017-6326 affects Symantec Messaging Gateway. A command injection vulnerability allows an authenticated user to execute arbitrary OS commands on the web server (root context) via the backupNow.do flow due to insufficient input validation. Affected: SMG 10.x before 10.6.3-266 (per SYM17-004). ...
CVE-2017-6326
creationtimestamp| type| source ---|---|--- 2017-06-26 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/42251 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/symantecmessaginggatewayexec.rb 2025-02-06...
Symantec Messaging Gateway <= 10.6.3 Multiple Vulnerabilities
Symantec Messaging Gateway is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Cisco ASA DNS DoS Vulnerability (cisco-sa-20151021-asa-dns2)
A vulnerability in the DNS code of Cisco ASA may lead to a denial of service. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program i...