CVE-2020-7861

AnySupport Remote support solution before 2019.3.21.0 allows directory traversing because of swprintf function to copy file from a management PC to a client PC. This can be lead to arbitrary file execution...

CVE-2019-7861

Insufficient server-side validation of user input could allow an attacker to bypass file upload restrictions in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2...

Ubuntu: Security Advisory (USN-7861-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-7861-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7861-1 advisory. Jean-Claude Graf, Sandro Regge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor...

Linux Distros Unpatched Vulnerability : CVE-2017-7861

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Google gRPC before 2017-02-22 has an out-of-bounds write related to the gprfree function in core/lib/support/alloc.c. CVE-2017-7861 Note that Nessus relies on t...

CVE-2025-7861 code-projects Church Donation System search.php sql injection

A vulnerability, which was classified as critical, was found in code-projects Church Donation System 1.0. Affected is an unknown function of the file /members/search.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...

CVE-2025-7861 code-projects Church Donation System search.php sql injection

A vulnerability, which was classified as critical, was found in code-projects Church Donation System 1.0. Affected is an unknown function of the file /members/search.php. The manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...

RHSA-2023:7861

creationtimestamp| type| source ---|---|--- 2025-04-03 03:33:49+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/10160...

CVE-2024-7861 Misiek Paypal <= 1.1.20090324 - Stored XSS via CSRF

The Misiek Paypal WordPress plugin through 1.1.20090324 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

CVE-2024-7861 Misiek Paypal <= 1.1.20090324 - Stored XSS via CSRF

The Misiek Paypal WordPress plugin through 1.1.20090324 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

WordPress Misiek Paypal Plugin <= 1.1.20090324 is vulnerable to Cross Site Request Forgery (CSRF)

Software Misiek Paypal Type Plugin Vulnerable versions = 1.1.20090324 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-7861 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 2187aca65d0c Credits Daniel Ruf Requir...

SUSE CVE-2016-7861

Adobe Flash Player versions 23.0.0.205 and earlier, 11.2.202.643 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution...

Security Bulletin: IBM Security Verify Information Queue uses a Google gRPC framework with multiple vulnerabilities (CVE-2017-7860, CVE-2017-7861, CVE-2017-9431)

Summary The connect image in IBM Security Verify Information Queue ISIQ v10.0.2 uses an older version of the Google RPC gRPC framework that is vulnerable to denial of service and buffer overflow attacks. ISIQ v10.0.3 upgraded its connect image to include a newer gRPC level that remediates the...

CVE-2020-7861

CVE-2020-7861 affects AnySupport (Remote support solution). A directory traversal vulnerability arises before 2019.3.21.0 due to the use of swprintf to copy files from a management PC to a client PC, which can lead to arbitrary file execution. The Red Hat and NVD/NVD-derived records corroborate t...

CVE-2019-7861

Insufficient server-side validation of user input could allow an attacker to bypass file upload restrictions in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2...

CVE-2019-7861

Magento 2.x prior to updates 2.1.18, 2.2.x prior to 2.2.9, and 2.3.x prior to 2.3.2 are affected by insufficient server-side validation of user input that can bypass file upload restrictions. The root cause is improper input validation during upload, enabling attackers to upload malicious files. ...

CVE-2019-7861

Insufficient server-side validation of user input could allow an attacker to bypass file upload restrictions in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2...

CVE-2018-7861

...

CVE-2018-7861

CVE-2018-7861 is rejected/not used as stated in the description.

DEBIAN-CVE-2017-7861

Google gRPC before 2017-02-22 has an out-of-bounds write related to the gprfree function in core/lib/support/alloc.c...