28 matches found
CVE-2025-7400
creationtimestamp| type| source ---|---|--- 2025-10-07 08:09:53+00:00| seen| Telegram/ajBaXDOMQa2Tu8LawjpqmpmgVaUcLXteyRoVHIvLTHZwlE...
WordPress Featured Image from URL (FIFU) plugin <= 5.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Featured Image Custom Fields vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Featured Image Custom Fields vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Featured Image from URL versions = 5.2.7...
CVE-2024-7400 Local privilege escalation in ESET products for Windows
The vulnerability potentially allowed an attacker to misuse ESET’s file operations during the removal of a detected file on the Windows operating system to delete files without having proper permissions to do so...
CVE-2024-7400
creationtimestamp| type| source ---|---|--- 2024-09-24 16:00:07+00:00| seen| https://t.me/truesecator/6241 2024-09-25 13:30:40+00:00| seen| https://t.me/ptswarm/222 2024-09-27 09:53:38+00:00| seen| https://t.me/cvedetector/6482 2024-12-25 05:47:22+00:00| seen| https://t.me/SecLabNews/16058...
Malicious code in wlwz-2312-7400 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6414ec8a38a6e4864ad94a5c541e088cff447d724e7503243c4e922bde644048 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-836 Malicious code in wlwz-2312-7400 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 6414ec8a38a6e4864ad94a5c541e088cff447d724e7503243c4e922bde644048 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
RHEL 8 : libcap (RHSA-2023:7400)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7400 advisory. Libcap is a library for getting and setting POSIX.1e formerly POSIX 6 draft 15 capabilities. Security Fixes: libcap: Integer Overflow in...
Rukovoditel ERP And CRM 2.4.1 Cross Site Scripting
Exploit Title: Rukovoditel ERP & CRM 2.4.1 - 'path' Cross-Site Scripting Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2019-03-24 Google Dork: N/A Vendor: Rukovoditel Software Link: https://sourceforge.net/projects/rukovoditel/ Affected Version: 2.4.1 and possibly before...
Rukovoditel ERP & CRM 2.4.1 - path Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Rukovoditel ERP & CRM 2.4.1 - 'path' Cross-Site Scripting Exploit Author: Javier Olmedo Website: https://hackpuntes.com Vendor: Rukovoditel Software Link: https://sourceforge.net/projects/rukovoditel/ Affected Version: 2.4.1 and...
Rukovoditel ERP & CRM 2.4.1 - 'path' Cross-Site Scripting
Exploit Title: Rukovoditel ERP & CRM 2.4.1 - 'path' Cross-Site Scripting Exploit Author: Javier Olmedo Website: https://hackpuntes.com Date: 2019-03-24 Google Dork: N/A Vendor: Rukovoditel Software Link: https://sourceforge.net/projects/rukovoditel/ Affected Version: 2.4.1 and possibly before...
CVE-2019-7400
Rukovoditel before 2.4.1 allows XSS...
CVE-2019-7400
The CVE-2019-7400 entry concerns Rukovoditel ERP/CRM prior to version 2.4.1, affected by a reflected Cross‑Site Scripting (XSS) vulnerability. The issue arises from unsanitized input in the path parameter (e.g., in index.php?module=items/items&path=...), allowing injected script to be executed in...
The vulnerability of the XCP Router service in Cisco Unified Communications Manager IM and Presence Service, as well as the Cisco TelePresence Video Communication Server, allows a perpetrator to induce a service failure.
The vulnerability of the XCP Router service in Cisco Unified Communications Manager IM and Presence Service, as well as the Cisco TelePresence Video Communication Server, stems from insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failure...
Input validation
A vulnerability in the XCP Router service of the Cisco Unified Communications Manager IM & Presence Service CUCM IM&P and the Cisco TelePresence Video Communication Server VCS and Expressway could allow an unauthenticated, remote attacker to cause a temporary service outage for all IM&P users,...
CVE-2018-0409
A vulnerability in the XCP Router service of the Cisco Unified Communications Manager IM & Presence Service CUCM IM&P and the Cisco TelePresence Video Communication Server VCS and Expressway could allow an unauthenticated, remote attacker to cause a temporary service outage for all IM&P users,...
CVE-2018-0409
A vulnerability in the XCP Router service of the Cisco Unified Communications Manager IM & Presence Service CUCM IM&P and the Cisco TelePresence Video Communication Server VCS and Expressway could allow an unauthenticated, remote attacker to cause a temporary service outage for all IM&P users,...
Cisco Unified Communications Manager IM & Presence Service Denial of Service Vulnerability
A vulnerability in the XCP Router service of the Cisco Unified Communications Manager IM & Presence Service CUCM IM&P and the Cisco TelePresence Video Communication Server VCS and Expressway could allow an unauthenticated, remote attacker to cause a temporary service outage for all IM&P users,...
CVE-2013-7400
The CVE-2013-7400 entry applies to the TYPO3 Direct Mail extension (direct_mail) prior to version 3.1.2, where authentication codes were not checked correctly, allowing remote attackers to obtain sensitive information. Public sources in connected documents confirm an information-disclosure vulner...
CVE-2017-9844
SAP NetWeaver 7400.12.21.30308 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted serialized Java object in a request to metadatauploader, aka SAP Security Note 2399804. NOTE: The vendor states that the devserver package of Visual Composer...
CVE-2014-7400
...