Lucene search
+L

111 matches found

CNNVD
CNNVD
added 2024/09/16 12:0 a.m.6 views

Decidim 跨站脚本漏洞

Decidim is an open source participatory democracy framework from Decidim, written in Ruby on Rails. A cross-site scripting vulnerability exists in Decidim versions 0.27.6 and earlier and 0.28.1 and earlier, which stems from a cross-site scripting attack in the administrator panel if an...

6.8CVSS5.8AI score0.00353EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2024/08/26 9:15 a.m.14 views

CVE-2024-43444

Passwords of agents and customers are displayed in plain text in the OTRS admin log module if certain configurations regarding the authentication sources match and debugging for the authentication backend has been enabled. This issue affects: OTRS from 7.0.X through 7.0.50 OTRS 8.0.X OTRS 2023.X...

8.2CVSS5.9AI score0.00376EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/08/26 8:42 a.m.22 views

CVE-2024-43444 Passwords are written to Admin Log Module

Passwords of agents and customers are displayed in plain text in the OTRS admin log module if certain configurations regarding the authentication sources match and debugging for the authentication backend has been enabled. This issue affects: OTRS from 7.0.X through 7.0.50 OTRS 8.0.X OTRS 2023.X...

8.2CVSS7.3AI score0.00376EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/26 8:42 a.m.22 views

CVE-2024-43444 Passwords are written to Admin Log Module

Passwords of agents and customers are displayed in plain text in the OTRS admin log module if certain configurations regarding the authentication sources match and debugging for the authentication backend has been enabled. This issue affects: OTRS from 7.0.X through 7.0.50 OTRS 8.0.X OTRS 2023.X...

8.2CVSS0.00376EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/08/26 12:0 a.m.9 views

PT-2024-5942 · Otrs · Otrs

Name of the Vulnerable Software and Affected Versions: OTRS versions 7.0.X through 7.0.50 OTRS version 8.0.X OTRS version 2023.X OTRS versions 2024.X through 2024.5.X OTRS Community Edition version 6.0.x Description: The issue is related to the OTRS admin log module, where passwords of agents and...

8.5CVSS7.1AI score0.00376EPSS
Exploits0References14
Vulnrichment
Vulnrichment
added 2024/08/20 12:0 a.m.10 views

CVE-2024-42606

Pligg CMS v2.0.2 was discovered to contain a Cross-Site Request Forgery CSRF vulnerability via /admin/adminlog.php?clear=1...

7.5AI score0.00201EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/08/20 12:0 a.m.5 views

Kliqqi CMS 安全漏洞

Kliqqi CMS Pligg CMS is Kliqqi open source a content management system . Kliqqi CMS v2.0.2 version of a cross-site request forgery vulnerability , the vulnerability stems from /admin/adminlog.php?clear=1 does not adequately verify that the request is from a trusted user , an attacker can use this...

8.8CVSS7AI score0.00201EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/08/20 12:0 a.m.9 views

PT-2024-30058 · Pligg Cms · Pligg Cms

Name of the Vulnerable Software and Affected Versions: Pligg CMS version 2.0.2 Description: A Cross-Site Request Forgery CSRF issue was found in Pligg CMS. The issue is related to the "/admin/admin log.php?clear=1" endpoint. Recommendations: For Pligg CMS version 2.0.2, update to a version that...

8.8CVSS7AI score0.00201EPSS
Exploits1References7
Cvelist
Cvelist
added 2023/10/16 12:0 a.m.29 views

CVE-2023-40852

SQL Injection vulnerability in Phpgurukul User Registration & Login and User Management System With admin panel 3.0 allows attackers to obtain sensitive information via crafted string in the admin user name field on the admin log in page...

9.7AI score0.00815EPSS
Exploits1References1
OSV
OSV
added 2023/03/20 12:15 p.m.2 views

CVE-2023-23721

Cross-Site Request Forgery CSRF vulnerability in David Gwyer Admin Log plugin = 1.50 versions...

8.8CVSS5.8AI score0.00271EPSS
Exploits0References1
Prion
Prion
added 2023/03/20 12:15 p.m.9 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in David Gwyer Admin Log plugin = 1.50 versions...

6.8CVSS8.7AI score0.00271EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/03/20 11:27 a.m.21 views

CVE-2023-23721 WordPress Admin Log Plugin <= 1.50 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in David Gwyer Admin Log plugin = 1.50 versions...

4.3CVSS9AI score0.00271EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/03/20 11:27 a.m.11 views

CVE-2023-23721 WordPress Admin Log Plugin <= 1.50 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in David Gwyer Admin Log plugin = 1.50 versions...

4.3CVSS7.1AI score0.00271EPSS
Exploits0References1
CVE
CVE
added 2023/03/20 11:27 a.m.94 views

CVE-2023-23721

CVE-2023-23721 affects the WordPress Admin Log plugin (

8.8CVSS6.5AI score0.00271EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/03/20 12:0 a.m.3 views

WordPress Plugin Admin Log 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

8.8CVSS7.9AI score0.00271EPSS
Exploits0References2
Patchstack
Patchstack
added 2023/01/19 12:0 a.m.7 views

WordPress Admin Log Plugin <= 1.50 is vulnerable to Cross Site Request Forgery (CSRF)

Software Admin Log Type Plugin Vulnerable versions = 1.50 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2023-23721 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 5b0513f078ee Credits Mika Required privilege...

8.8CVSS7AI score0.00271EPSS
Exploits0References1Affected Software1
Github Security Blog
Github Security Blog
added 2022/12/15 9:30 p.m.23 views

FeehiCMS Cross Site Scripting vulnerability

Cross Site Scripting XSS vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the username field of the admin log in page...

5.4CVSS5.6AI score0.00506EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2022/12/15 9:30 p.m.14 views

GHSA-8VJP-HFGH-68RJ FeehiCMS Cross Site Scripting vulnerability

Cross Site Scripting XSS vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the username field of the admin log in page...

5.4CVSS5.3AI score0.00506EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/06/02 12:0 a.m.6 views

Wedding Management System SQL注入漏洞

Wedding Management System is a wedding planning management system by John Paul Lim Gabule, a personal developer. v1.0 of Wedding Management System is vulnerable to SQL injection, which originates from the admin/logeventsedit.php page Lack of validation of external input SQL statements can be...

7.2CVSS6AI score0.00958EPSS
Exploits1References2
Hacker One
Hacker One
added 2022/04/07 6:50 a.m.12 views

Lark Technologies: Ability to View Non-Permitted Admin Log

An access control issue was found where a user without proper permissions would be able to view the admin log. We thank @imrannisar for reporting this to our team...

1.7AI score
Exploits0
Rows per page
Query Builder