29 matches found
CVE-2026-7306 Xuxueli xxl-job OpenAPI Endpoint OpenApiController.java hard-coded key
A security vulnerability has been detected in Xuxueli xxl-job up to 3.3.2. The impacted element is an unknown function of the file xxl-job-admin/src/main/java/com/xxl/job/admin/scheduler/openapi/OpenApiController.java of the component OpenAPI Endpoint. Such manipulation of the argument defaulttok...
CVE-2026-7306
A security vulnerability has been detected in Xuxueli xxl-job up to 3.3.2. The impacted element is an unknown function of the file xxl-job-admin/src/main/java/com/xxl/job/admin/scheduler/openapi/OpenApiController.java of the component OpenAPI Endpoint. Such manipulation of the argument defaulttok...
CVE-2020-7306
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention DLP for Mac prior to 11.5.2 allows local users to gain access to the ADRMS username and password via unprotected log files containing plain text...
ECHO-17DC-7306-ADA6
Bulletin has no description...
CVE-2023-7306
The Frontend File Manager Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the wpfmdeletemultiplefiles function in all versions up to, and including, 21.5. This makes it possible for unauthenticated attackers to delete arbitrary posts...
CVE-2023-7306
creationtimestamp| type| source ---|---|--- 2025-07-25 08:38:07+00:00| seen| Telegram/WqyPE2iBwCHilcfRddyTIDT38RG6bXRiuDHmBxTIBdorHng...
CVE-2023-7306
The CVE-2023-7306 entry concerns the Frontend File Manager Plugin for WordPress (versions up to 21.5). The vulnerability is caused by a missing capability check in wpfm_delete_multiple_files(), enabling unauthenticated attackers to delete arbitrary posts and cause data loss. The issue is confirme...
CVE-2023-7306 Frontend File Manager <= 21.5 - Missing Authorization to Unauthenticated Arbitrary Post Deletion
The Frontend File Manager Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the wpfmdeletemultiplefiles function in all versions up to, and including, 21.5. This makes it possible for unauthenticated attackers to delete arbitrary posts...
CVE-2023-7306 Frontend File Manager <= 21.5 - Missing Authorization to Unauthenticated Arbitrary Post Deletion
The Frontend File Manager Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the wpfmdeletemultiplefiles function in all versions up to, and including, 21.5. This makes it possible for unauthenticated attackers to delete arbitrary posts...
WordPress Frontend File Manager plugin <= 21.5 - Missing Authorization to Unauthenticated Arbitrary Post Deletion vulnerability
Missing Authorization to Unauthenticated Arbitrary Post Deletion vulnerability discovered by WordFence in WordPress Plugin Frontend File Manager versions = 21.5...
CVE-2025-7306
IrfanView CADImage Plugin DWG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView CADImage Plugin. User interaction is required to exploit this vulnerability in that the...
CVE-2025-7306
creationtimestamp| type| source ---|---|--- 2025-07-08 03:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-25-553/...
Ubuntu: Security Advisory (USN-7306-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-7306
creationtimestamp| type| source ---|---|--- 2024-07-31 10:59:01+00:00| seen| https://t.me/cvedetector/2118...
CVE-2024-7306 SourceCodester Establishment Billing Management System manage_block.php sql injection
A vulnerability, which was classified as critical, was found in SourceCodester Establishment Billing Management System 1.0. Affected is an unknown function of the file /manageblock.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The...
Malicious code in wlwz-2312-7306 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9829193390b4dc67ccd5d673417cbb0ad7e6713e75ca1fa8f9aaed218fc031c7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Ubuntu 16.04 ESM : Byobu vulnerability (USN-5234-1)
The remote Ubuntu 16.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-5234-1 advisory. Sander Bos discovered that Byobu incorrectly handled certain Apport data. An attacker could possibly use this issue to expose sensitive information. Tenable has...
Backdoor.Win32.NetSpy.10 Heap Corruption
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/e677149c35cbba118655d9b133da8827.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.NetSpy.10 Vulnerability: Heap Corruption Description: The malware listens on TCP port...
CVE-2008-7306
CVE-2008-7306 is rejected/not used per the description; it does not represent an active vulnerability entry.
CVE-2008-7306
...