22 matches found
CGA-G7XG-7683-FH8W
Bulletin has no description...
WordPress LatestCheckins plugin <= 1 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin LatestCheckins versions <= 1...
MAL-2025-7683 Malicious code in @crabas0npm2/nostrum-provident-repudiandae (npm)
The package @crabas0npm2/nostrum-provident-repudiandae was found to contain malicious code...
CVE-2024-7683
A vulnerability classified as problematic has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0. Affected is an unknown function of the file addcase_stage.php. The manipulation of the argument cname leads to cross site scripting. It is possible to launch the attack...
CVE-2024-7683
| creationtimestamp | type | source |
|---|---|---|
| 2024-08-12 15:56:09+00:00 | seen | https://t.me/cvedetector/2827... |
CVE-2024-7683 SourceCodester Kortex Lite Advocate Office Management System addcase_stage.php cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0. Affected is an unknown function of the file addcase_stage.php. The manipulation of the argument cname leads to cross site scripting. It is possible to launch the attack...
CVE-2024-7683
This CVE (CVE-2024-7683) affects SourceCodester Kortex Lite Advocate Office Management System 1.0. The vulnerability is an input handling issue in the addcase_stage.php function where manipulating the cname argument enables cross-site scripting (XSS). Exploitation is possible remotely, and public...
CVE-2024-7683 SourceCodester Kortex Lite Advocate Office Management System addcase_stage.php cross site scripting
A vulnerability classified as problematic has been found in SourceCodester Kortex Lite Advocate Office Management System 1.0. Affected is an unknown function of the file addcase_stage.php. The manipulation of the argument cname leads to cross site scripting. It is possible to launch the attack...
AlmaLinux 8 : kernel (ALSA-2022:7683)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7683 advisory. - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an...
@ahone/svg2canvas (>=0.0.1 <=0.0.7), @lx-frontend/svg2canvas (=0.0.1) +2 more potentially affected by CVE-2020-7683 via rollup-plugin-server (=0.7.0)
rollup-plugin-server NPM version =0.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on rollup-plugin-server and may be impacted: - @ahone/svg2canvas =0.0.1, =9.1.0, =9.1.2 Source cves: CVE-2020-7683 Source advisory: OSV:GHSA-34GH-3CWV-WVP2...
CVE-2020-7683 Directory Traversal
This affects all versions of package rollup-plugin-server. There is no path sanitization in readFile operation performed inside the readFileFromContentBase function...
CVE-2020-7683
CVE-2020-7683 affects all versions of rollup-plugin-server. The vulnerability is a path traversal in the readFile operation inside readFileFromContentBase due to lack of path sanitization. Exploitation could expose arbitrary files via dot-dot-slash sequences (as demonstrated by public PoCs). Ther...
@ahone/svg2canvas (>=0.0.1 <=0.0.7), @lx-frontend/svg2canvas (=0.0.1) +2 more potentially affected by CVE-2020-7683 via rollup-plugin-server (=0.7.0)
rollup-plugin-server NPM version =0.7.0 is affected by a known vulnerability. The following packages have a transitive dependency on rollup-plugin-server and may be impacted: - @ahone/svg2canvas =0.0.1, =9.1.0, =9.1.2 Source cves: CVE-2020-7683 Source advisory: SNYK:JS-ROLLUPPLUGINSERVER-590123...
CVE-2018-7683
CVE-2018-7683 affects Micro Focus Solutions Business Manager (SBM) prior to version 11.4, with an information disclosure exposing sensitive data via server log files. Multiple connected sources corroborate the same impact, referencing SBM before 11.4. The root cause, vulnerable component details,...
CVE-2017-7683
CVE-2017-7683 affects Apache OpenMeetings 1.0.0, where error handling discloses the Tomcat version and a detailed stack trace. This information leakage can aid attackers by revealing server details. The advisory notes the issue is fixed in OpenMeetings 3.3.0; upgrading to >=3.3.0 is the recomm...
CVE-2016-7683
CVE-2016-7683 entry is rejected and not used.
CVE-2016-7683
...
WordPress Font 7.5 Path Traversal Vulnerability
WordPress Font plugin version 7.5 suffers from a path traversal vulnerability. Details ================ Software: Font Version: 7.5 Homepage: https://wordpress.org/plugins/font/ CVE: CVE-2015-7683 Pending CVSS: 6.3 Medium; AV:N/AC:M/Au:S/C:C/I:N/A:N CWE: CWE-22 Description ================ An...
WordPress Font 7.5 Path Traversal
Details ================ Software: Font Version: 7.5 Homepage: https://wordpress.org/plugins/font/ CVE: CVE-2015-7683 Pending CVSS: 6.3 Medium; AV:N/AC:M/Au:S/C:C/I:N/A:N CWE: CWE-22 Description ================ An absolute path traversal vulnerability in Font 7.5 allows WordPress admins read...
CVE-2014-7683
CVE-2014-7683 concerns the Android app “Free Canadian Author Previews” (com.booksellerscanada.authorpreview) version 1.0.0. The vulnerability is improper SSL trust validation: the app does not verify X.509 certificates from SSL servers, which can let an attacker perform a man-in-the-middle attack...