EUVD-2024-50786

Malicious code in bioql PyPI...

CVE-2024-12341

The Custom Skins Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'cf7csactioncallback' function in all versions up to, and including, 1.0. This makes it possible for authenticated attackers, with Subscriber-level acce...

CVE-2024-12341 Custom Skins Contact Form 7 <= 1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Update and Skin Creation

The Custom Skins Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'cf7csactioncallback' function in all versions up to, and including, 1.0. This makes it possible for authenticated attackers, with Subscriber-level acce...

CVE-2024-12341 Custom Skins Contact Form 7 <= 1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Update and Skin Creation

The Custom Skins Contact Form 7 plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'cf7csactioncallback' function in all versions up to, and including, 1.0. This makes it possible for authenticated attackers, with Subscriber-level acce...

WordPress Custom Skins Contact Form 7 plugin <= 1.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Update and Skin Creation vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Post Update and Skin Creation vulnerability discovered by Lucio Sá in WordPress Plugin Custom Skins Contact Form 7 versions = 1.0...

PT-2024-17553 · WordPress · Custom Skins Contact Form 7

Name of the Vulnerable Software and Affected Versions: Custom Skins Contact Form 7 plugin for WordPress versions prior to 1.1 Description: The issue arises from a missing capability check on the cf7cs action callback function, allowing authenticated attackers with Subscriber-level access and abov...

WordPress plugin Custom Skins Contact Form 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

CVE-2024-31987 XWiki Platform remote code execution from account via custom skins support

XWiki Platform is a generic wiki platform. Starting in version 6.4-milestone-1 and prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, any user who can edit any page like their profile can create a custom skin with a template override that is executed with programming right, thus allowing remote...

CVE-2024-31987 XWiki Platform remote code execution from account via custom skins support

XWiki Platform is a generic wiki platform. Starting in version 6.4-milestone-1 and prior to versions 4.10.19, 15.5.4, and 15.10-rc-1, any user who can edit any page like their profile can create a custom skin with a template override that is executed with programming right, thus allowing remote...

GHSA-CV55-V6RW-7R5V XWiki Platform remote code execution from account via custom skins support

Impact Any user who can edit any page like their profile can create a custom skin with a template override that is executed with programming right, thus allowing remote code execution. To reproduce, as a user without edit, script or admin right, add an object of class XWiki.XWikiSkins to your...

XWiki Platform remote code execution from account via custom skins support

Impact Any user who can edit any page like their profile can create a custom skin with a template override that is executed with programming right, thus allowing remote code execution. To reproduce, as a user without edit, script or admin right, add an object of class XWiki.XWikiSkins to your...

Lyrics 3.0 - Engine SQL Injection Vulnerability

No description provided by source. 1 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : Lyrics V3 engine Sqli Vulnerability Date : july 6,2010 Critical Level : HIGH vendor URL :http://rightinpoint.com/ Price:$99...

Lyrics V3 Engine SQL Injection

1 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : Lyrics V3 engine Sqli Vulnerability Date : july 6,2010 Critical Level : HIGH vendor URL :http://rightinpoint.com/ Price:$99 Author : Sid3^effects aKa HaRi special...

Lyrics 3.0 - Engine SQL Injection

Lyrics 3.0 - Engine SQL Injection 1 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : Lyrics V3 engine Sqli Vulnerability Date : july 6,2010 Critical Level : HIGH vendor URL :http://rightinpoint.com/ Price:$99 Auth...

Lyrics V3 engine SQL injection Vulnerabilty

Exploit for php platform in category web applications =========================================== Lyrics V3 engine SQL injection Vulnerabilty =========================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\...

Lyrics 3.0 - Engine SQL Injection

1 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 Name : Lyrics V3 engine Sqli Vulnerability Date : july 6,2010 Critical Level : HIGH vendor URL :http://rightinpoint.com/ Price:$99 Author : Sid3^effects aKa HaRi special...