1179 matches found
WordPress Global Income Stats from Freemius plugin <= 1.0.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Global Income Stats from Freemius plugin versions = 1.0.0. Solution No patched version available...
WordPress WooCommerce Next Order Coupon plugin <= 0.4.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress WooCommerce Next Order Coupon plugin versions = 0.4.0. Solution No patched version available...
WordPress WooRocks Magic Content plugin <= 1.0.17 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress WooRocks Magic Content plugin versions = 1.0.17. Solution No patched version available...
WordPress Run time Image resizing plugin <= 1.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Run time Image resizing plugin versions = 1.1. Solution No patched version available...
WordPress XT Floating Cart for WooCommerce plugin <= 2.6.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress XT Floating Cart for WooCommerce plugin versions = 2.6.2. Solution Update the WordPress XT Floating Cart for WooCommerce plugin to the latest available version at least 2.6.3...
WordPress Widgets for SiteOrigin plugin <= 1.4.8 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Widgets for SiteOrigin plugin versions = 1.4.8. Solution No patched version available...
WordPress Custom Welcome Guide plugin < 1.0.6 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Sensitive Information Disclosure vulnerability discovered in WordPress Custom Welcome Guide plugin versions 1.0.6. Solution Update the WordPress Custom Welcome Guide plugin to the latest available version at least 1.0.6...
WordPress Open User Map | Everybody can add locations plugin < 1.2.11 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Open User Map | Everybody can add locations plugin versions 1.2.11. Solution Update the WordPress Open User Map | Everybody can add locations plugin to the latest available version at least 1.2.11...
WordPress Expire tags plugin <= 1.1 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Expire tags plugin versions = 1.1. Solution No patched version available...
WordPress Guest Author Affiliate plugin <= 1.1.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Guest Author Affiliate plugin versions = 1.1.4. Solution Update the WordPress Guest Author Affiliate plugin to the latest available version at least 1.1.5...
WordPress Price Bands for WooCommerce plugin <= 1.0.4 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Price Bands for WooCommerce plugin versions = 1.0.4. Solution No patched version available...
WordPress Easy Smooth Scroll Links – Smooth Scrolling Anchor plugin <= 2.23.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability
Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Easy Smooth Scroll Links – Smooth Scrolling Anchor plugin versions = 2.23.0. Solution Update the WordPress Easy Smooth Scroll Links – Smooth Scrolling Anchor plugin to the latest available version at...
Information Disclosure
microweber is vulnerable to information disclosure. The vulnerability exists due to a lack of sanitization in the Handler.php file allow to view sensitive information in debug mode...
Insertion of Sensitive Information Into Debugging Code
Description Laravel debug mode exposes sensitive data, eg: internal source codes, stack traces, sql queries, databases names, tables names, user's cookies, email, phone number, username, laravel version, php version, etc Proof of Concept 1. Login into http://demo.microweber.org 2. Navigate to thi...
CVE-2021-3551
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threa...
CVE-2021-3551
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threa...
CVE-2021-3551
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threa...
DEBIAN-CVE-2021-3551
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threa...
CVE-2021-3551
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threa...
CVE-2021-3551
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threa...