Lucene search
K

32 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:18 a.m.9 views

CVE-2024-10342

The League of Legends Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

6.4CVSS5.8AI score0.00296EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/25 7:37 a.m.26 views

CVE-2024-10342 League of Legends Shortcodes <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The League of Legends Shortcodes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

6.4CVSS0.00296EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/10/25 7:37 a.m.14 views

CVE-2024-10341 League of Legends Shortcodes <= 1.0.1 - Authenticated (Contributor+) SQL Injection via Shortcode

The League of Legends Shortcodes plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 1.0.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

6.5CVSS7.2AI score0.00433EPSS
Exploits0References2
CVE
CVE
added 2024/10/25 7:37 a.m.52 views

CVE-2024-10341

CVE-2024-10341 relates to the WordPress plugin League of Legends Shortcodes. The vulnerability is an SQL Injection in the plugin’s shortcode for versions up to and including 1.0.1, caused by insufficient escaping of the user-supplied parameter and inadequate preparation of the SQL query. Exploita...

6.5CVSS6.8AI score0.00433EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/10/25 7:37 a.m.20 views

CVE-2024-10341 League of Legends Shortcodes <= 1.0.1 - Authenticated (Contributor+) SQL Injection via Shortcode

The League of Legends Shortcodes plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 1.0.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible...

6.5CVSS0.00433EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/10/25 12:0 a.m.3 views

WordPress plugin League of Legends Shortcodes SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A SQL injection vulnerability exists in the WordPress plugi...

6.5CVSS7.7AI score0.00433EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/10/24 10:9 p.m.7 views

WordPress League of Legends Shortcodes plugin <= 1.0.1 - Authenticated (Contributor+) SQL Injection vulnerability

Authenticated Contributor+ SQL Injection vulnerability discovered by István Márton in WordPress Plugin League of Legends Shortcodes versions = 1.0.1...

6.5CVSS8.1AI score0.00433EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/24 10:4 p.m.5 views

WordPress League of Legends Shortcodes plugin <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by István Márton in WordPress Plugin League of Legends Shortcodes versions = 1.0.1...

6.4CVSS5.8AI score0.00296EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/10/24 12:0 a.m.19 views

WordPress League of Legends Shortcodes Plugin <= 1.0.1 is vulnerable to SQL Injection

Software League of Legends Shortcodes Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-10341 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID e710f3b6d815 Credits István Márton Required privilege...

6.5CVSS6.8AI score0.00433EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/10/24 12:0 a.m.16 views

WordPress League of Legends Shortcodes Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software League of Legends Shortcodes Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10342 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a6f27a15f3e2 Credits István Márto...

6.4CVSS5.7AI score0.00296EPSS
Exploits0References2Affected Software1
HackRead
HackRead
added 2024/09/26 12:9 p.m.10 views

Fake League of Legends Download Ads Spread Lumma Stealer Malware

League of Legends fans beware! A new malware campaign targeting the League of Legends World Championship is spreading…...

7.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/02/06 1:0 a.m.16 views

A week in security (January 30 - February 5)

Last week on Malwarebytes Labs: A private moment, caught by a Roomba, ended up on Facebook. Eileen Guo explains how: Lock and Code S04E03 New data wipers deployed against Ukraine Update your LearnPress plugins now! Riot Games refuses to pay ransom to avoid League of Legends leak Analyzing and...

0.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/01/30 1:0 p.m.29 views

Riot Games refuses to pay ransom to avoid League of Legends leak

After confirming threat actors were able to steal some of its code, Riot Games has also revealed that it received a ransom email from its attacker. The attackers demanding $10 million to stop them leaking source code from League of Legend's and other games. Riot's reply? Today, we received a rans...

0.2AI score
Exploits0
CNNVD
CNNVD
added 2023/01/15 12:0 a.m.3 views

lolfeedback SQL注入漏洞

lolfeedback is an app by Philip B. Personal Developer. After linking your League of Legends account to LoLFeedback, feedback can only be provided to players you have played or A SQL injection vulnerability exists in lolfeedback, which stems from an unknown functionality impact and operates to cau...

9.8CVSS6.7AI score0.00657EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2016/06/13 12:0 a.m.50 views

Riot Games League Of Legends Insecure File Permissions Privilege Escalation

------------------------------------------------------------------------------------ Exploit Title: Riot Games League of Legends Insecure File Permissions Privilege Escalation Date: 03/06/16 Exploit Author: Cyril Vallicari i give credit also to Vincent Yiu he probably found this too Vendor...

0.5AI score
Exploits0
0day.today
0day.today
added 2016/06/10 12:0 a.m.39 views

Riot Games League of Legends - Insecure File Permissions Privilege Escalation

Exploit for windows platform in category local exploits ------------------------------------------------------------------------------------ Exploit Title: Riot Games League of Legends Insecure File Permissions Privilege Escalation Date: 03/06/16 Exploit Author: Cyril Vallicari i give credit also...

6.8AI score
Exploits0
exploitpack
exploitpack
added 2016/06/10 12:0 a.m.26 views

Riot Games League of Legends - Insecure File Permissions Privilege Escalation

Riot Games League of Legends - Insecure File Permissions Privilege Escalation ------------------------------------------------------------------------------------ Exploit Title: Riot Games League of Legends Insecure File Permissions Privilege Escalation Date: 03/06/16 Exploit Author: Cyril...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2016/06/10 12:0 a.m.54 views

Riot Games League of Legends - Insecure File Permissions Privilege Escalation

------------------------------------------------------------------------------------ Exploit Title: Riot Games League of Legends Insecure File Permissions Privilege Escalation Date: 03/06/16 Exploit Author: Cyril Vallicari i give credit also to Vincent Yiu he probably found this too Vendor...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2016/06/07 12:0 a.m.20 views

League of Legends Screensaver - Insecure File Permissions Privilege Escalation

League of Legends Screensaver - Insecure File Permissions Privilege Escalation Exploit Title: League of Legends Screensaver Insecure File Permissions Privilege Escalation CVE-ID: NA Date: 13/04/2016 Exploit Author: Vincent Yiu Contact: [email protected] Vendor Homepage:...

0.4AI score
Exploits0
Packet Storm
Packet Storm
added 2016/06/07 12:0 a.m.31 views

League Of Legends Screensaver Unquoted Service Path Privilege Escalation

Exploit Title: League of Legends Screensaver Unquoted Service Paths Conditional Privilege Escalation. CVE-ID: NA Date: 13/04/2016 Exploit Author: Vincent Yiu Contact: [email protected] Vendor Homepage: http://www.leagueoflegends.com Software Link: screensaver.euw.leagueoflegends.com/enUS...

0.6AI score
Exploits0
Rows per page
Query Builder