CVE-2026-7144

A security flaw has been discovered in 1000 Projects Portfolio Management System MCA 1.0. This impacts an unknown function of the file updatepasswdprocess.php. The manipulation of the argument tempuser results in authorization bypass. The attack can be launched remotely. The exploit has been...

CVE-2020-7144

A comparefilesresult expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

EUVD-2009-3716

Malware in sbrugna...

CVE-2025-7144

creationtimestamp| type| source ---|---|--- 2025-07-07 23:35:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ltfx7hqn3p2y...

CVE-2024-7144

creationtimestamp| type| source ---|---|--- 2024-08-16 17:03:44+00:00| seen| https://t.me/cvedetector/3332...

CVE-2024-7144 JetElements <= 2.6.20 - Authenticated (Contributor+) Stored Cross-Site Scripting

The JetElements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' and 'slideid' parameters in all versions up to, and including, 2.6.20 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-lev...

WordPress JetElements For Elementor Plugin <= 2.6.20 is vulnerable to Cross Site Scripting (XSS)

Software JetElements For Elementor Type Plugin Vulnerable versions = 2.6.20 Fixed in 2.6.20.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7144 Patch priority Low CVSS severity Low 6.5 Developer Crocoblock PSID e5a6ab70d49a Credits stealthcopter...

RHEL 7 : python-keystoneclient (RHSA-2014:1784)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2014:1784 advisory. Python-keystoneclient is a client library and a command line utility for interacting with the OpenStack Identity API. It was found that...

CVE-2023-7144

A vulnerability classified as critical has been found in gopeak MasterLab up to 3.3.10. This affects the function sqlInject of the file app/ctrl/framework/Feature.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to sql injection. The exploit has been...

CVE-2023-7144 gopeak MasterLab HTTP POST Request Feature.php sqlInject sql injection

A vulnerability classified as critical has been found in gopeak MasterLab up to 3.3.10. This affects the function sqlInject of the file app/ctrl/framework/Feature.php of the component HTTP POST Request Handler. The manipulation of the argument pwd leads to sql injection. The exploit has been...

CVE-2023-7144

The CVE-2023-7144 entry concerns gopeak MasterLab versions up to 3.3.10, specifically the HTTP POST Request Handler’s component and the sqlInject function in app/ctrl/framework/Feature.php. The vulnerability arises from improper handling of the pwd argument, enabling SQL injection. Public exploit...

keystonemiddleware (=1.3.2), python-ceilometerclient (=1.0.15) +3 more potentially affected by CVE-2014-7144 via python-keystoneclient (>=1.1.0 <=1.1.1)

python-keystoneclient PYPI version =1.1.0, =0.9.4, =0.9.9 - python-neutronclient =2.3.12 Source cves: CVE-2014-7144 Source advisory: OSV:GHSA-7F2C-VP52-GMFW...

CVE-2020-7144

A comparefilesresult expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

CVE-2020-7144

CVE-2020-7144 affects Hewlett Packard Enterprise Intelligent Management Center (iMC) before PLAT 7.3 (E0705P07). A compareFilesResult expression language injection exists in the handling of the compareFilesResult.xhtml endpoint, specifically via the beanName parameter, enabling remote code execut...

CVE-2020-7144

A comparefilesresult expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center iMC versions: Prior to iMC PLAT 7.3 E0705P07...

CVE-2018-7144

CVE-2018-7144 is rejected/not used and does not represent an active vulnerability entry.

CVE-2019-7144

CVE-2019-7144 affects Adobe Acrobat and Reader: versions 2019.010.20100 and earlier, 2019.010.20099 and earlier, 2017.011.30140 and earlier, 2017.011.30138 and earlier, 2015.006.30495 and earlier, and 2015.006.30493 and earlier are affected by an out-of-bounds read vulnerability. The issue can pe...

CVE-2017-7144

The CVE-2017-7144 entry describes a privacy vulnerability in WebKit affecting iOS prior to 11 and Safari prior to 11, where cookie mishandling could allow remote attackers to track users in Safari Private Browsing. Connected documents confirm the affected component (WebKit) and the privacy impact...

macOS : Apple Safari < 11.0 Multiple Vulnerabilities

The version of Apple Safari installed on the remote macOS or Mac OS X host is prior to 11.0. It is, therefore, affected by multiple vulnerabilities as described in the HT208116 security advisory. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid103360;...

CVE-2015-7144

...