57 matches found
ECHO-541A-6720-4DCA
Bulletin has no description...
WordPress Vchasno Kasa plugin <= 1.0.3 - Unauthenticated Log File Clearing vulnerability
Unauthenticated Log File Clearing vulnerability discovered by Poli in WordPress Plugin Vchasno Kasa versions <= 1.0.3...
CVE-2025-6720
creationtimestamp| type| source
---|---|---
2025-07-19 09:06:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lucmarm5mj2h...
CVE-2025-6720 Vchasno Kasa <= 1.0.3 - Unauthenticated Log File Clearing
The Vchasno Kasa plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the clearalllog function in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to clear log files...
RHEL 9 : thunderbird (RHSA-2024:6720)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:6720 advisory. Mozilla Thunderbird is a standalone mail and newsgroup client. Security Fixes: thunderbird: 115.15/128.2 mozilla: Type confusion when lookin...
CVE-2024-6720
creationtimestamp| type| source
---|---|---
2024-08-06 19:12:28+00:00| seen| https://t.me/cvedetector/2616...
CVE-2024-6720 Light Poll <= 1.0.0 - Poll Answers Deletion via CSRF
The Light Poll WordPress plugin through 1.0.0 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
WordPress Light Poll Plugin <= 1.0.0 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Light Poll; Type: Plugin; Vulnerable versions: <= 1.0.0; Fixed in: N/A; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-6720; Patch priority: Low; CVSS severity: Low (4.3); PSID: 167c407c922d; Credits: Vuln Seeker Cybersecurity...
Ubuntu 22.04 LTS : Cacti vulnerability (USN-6720-1)
The remote Ubuntu 22.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-6720-1 advisory. Kentaro Kawane discovered that Cacti incorrectly handled user provided input sent through request parameters to the graphview.php script. A remote authenticated...
CVE-2023-6720
creationtimestamp| type| source
---|---|---
2024-01-10 09:06:40+00:00| seen| https://t.me/ctinow/165636...
CVE-2023-6720 Cross-site Scripting in Repox
An XSS vulnerability stored in Repox has been identified, which allows a local attacker to store a specially crafted JavaScript payload on the server, due to the lack of proper sanitisation of field elements, allowing the attacker to trigger the malicious payload when the application loads...
VulnCheck KEV: CVE-2013-6720
Directory traversal vulnerability in download.php in the Passive Capture Application (PCA) web console in IBM Tealeaf CX 7.x, 8.x through 8.6, 8.7 before FP2, and 8.8 before FP2 allows remote authenticated users to bypass intended access restrictions via a .. (dot dot) in the log parameter, as...
CVE-2012-6720
CVE-2012-6720 concerns a Cross-Site Scripting (XSS) vulnerability in SocialEngine prior to version 4.2.4. The issue allows remote attackers to inject arbitrary web script or HTML through specific parameters: (1) title to music/create, (2) location to events/create, and (3) search to widget/index/...
Security Bulletin: IBM Tealeaf CX Passive Capture Application is vulnerable to a remotely exploitable OS command injection and local file inclusion (CVE-2013-6719 and CVE-2013-6720)
Summary IBM Tealeaf CX Passive Capture Application is vulnerable to a remotely exploitable OS command injection and local file inclusion. These vulnerabilities may be exploited to compromise the host system. Vulnerability Details Two areas of vulnerability are found in the IBM Tealeaf CX Passive...
CVE-2017-6720
The CVE-2017-6720 issue affects Cisco Small Business Managed Switches (300, 500, 350, 350X, 550X series and ESW2 line) where the SSH subsystem mishandles SSH messages, allowing an authenticated remote attacker to trigger a reload and cause a DoS. Root cause: improper processing of SSH connections...
CVE-2016-6720
CVE-2016-6720 is an information-disclosure vulnerability in libstagefright within Mediaserver on Android. A local malicious application could access data outside its permissions by exploiting Mediaserver’s handling of media processing. Affected Android versions include 4.x before 4.4.4, 5.0.x bef...
Adobe Acrobat < 10.1.16 / 11.0.13 / 2015.006.30094 / 2015.009.20069 Multiple Vulnerabilities (APSB15-24)
The version of Adobe Acrobat installed on the remote Windows host is a version prior to 10.1.16, 11.0.13, 2015.006.30094, or 2015.009.20069. It is, therefore, affected by multiple vulnerabilities. - The ANAuthenticateResource method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before...
Design/Logic Flaw
The ANAuthenticateResource method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScript API...
Design/Logic Flaw
The CBSharedReviewSecurityDialog method in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to bypass JavaScrip...