29 matches found
CVE-2026-3885
The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'subox' shortcode in all versions up to, and including, 7.4.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
Exploit for Relative Path Traversal in Fortinet Fortiweb
CVE-2025-64446 - FortiWeb Authentication Bypass Exploit De...
RHSA-2021:3528 Red Hat Security Advisory: Red Hat Single Sign-On 7.4.9 security update on RHEL 7
Bulletin has no description...
RHSA-2023:0552 Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
Bulletin has no description...
PT-2024-30801 · Zynith · Zynith
Name of the Vulnerable Software and Affected Versions: Z Y N I T H versions n/a through 7.4.9. Description: The issue is related to missing authorization, allowing access to functionality not properly constrained by ACLs. This enables unauthenticated access. Recommendations: For versions n/a throu...
PT-2024-30800 · Zynith · Zynith
Name of the Vulnerable Software and Affected Versions: ZYNITH versions prior to 7.4.9. Description: The issue is related to a missing authorization vulnerability in ZYNITH, allowing access to functionality not properly constrained by Access Control Lists (ACLs). This means that users can access...
WordPress Z Y N I T H plugin <= 7.4.9 - Unauthenticated Arbitrary Option Deletion vulnerability
Unauthenticated Arbitrary Option Deletion vulnerability discovered by Dave Jong (Patchstack) in WordPress Plugin Z Y N I T H versions <= 7.4.9...
CVE-2024-26289
The CVE-2024-26289 issue is a Deserialization of Untrusted Data vulnerability in PMB Services PMB that enables Remote Code Inclusion. Concrete details from connected documents: affected PMB versions are 7.3.1–7.3.18, 7.4.1–7.4.9, and 7.5.1–7.5.6-2. Root cause is deserialization of untrusted data....
PT-2024-5291 · Pmb · Pmb
Name of the Vulnerable Software and Affected Versions: PMB versions 7.3.1 through 7.3.18; PMB versions 7.4.1 through 7.4.9; PMB versions 7.5.1 through 7.5.6-2. Description: The issue is related to the deserialization of untrusted data, which can lead to remote code inclusion. This allows a remote...
CVE-2024-32562
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Stored XSS. This issue affects Z Y N I T H: from n/a through 7.4.9...
CVE-2024-32562 WordPress Z Y N I T H plugin <= 7.4.9 - Unauthenticated Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Stored XSS. This issue affects Z Y N I T H: from n/a through 7.4.9...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, ...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.4.9 Security update
An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, ...
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.4.9 Security update (Important) (RHSA-2023:0552)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0552 advisory. Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release o...
CVE-2021-41943
CVE-2021-41943 affects Logrhythm Web Console 7.4.9, where HTML tag injection is possible in the Contextualize Action name field. The root cause is injection of HTML markup into that field, enabling potential HTML-based manipulation. The sources do not provide exploit details or a fixed patch/vers...
php: Use of freed hash key in the phar_parse_zipfile function
In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar extension, phar_parse_zipfile could be tricked into accessing freed memory, which could lead to a crash or information disclosure...
Moderate: Red Hat Security Advisory: Red Hat Single Sign-On 7.4.9 security update
A security update is now available for Red Hat Single Sign-On 7.4 from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Red Hat Single Sign-On Authorization Issue Vulnerability
Red Hat Single Sign-On is an authentication and access control system from the American company Red Hat. The tool is responsible for authentication and access control functions for the system, supports most authentication protocols (OAuth, OpenID Connect, etc.), and can be easily integrated...
Logrhythm Platform Manager Access Control Error Vulnerability
Logrhythm Platform Manager is a component of the Logrhythm application from Logrhythm USA. The component is responsible for centralized management of alerts, notifications and case and security event management. Supports real-time dashboards, SmartResponse operations and reports. An Access Contro...