6496 matches found
WordPress plugin Simple Travel Map 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
WordPress Custom Post Type to Map Store plugin <= 1.1.0 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Custom Post Type to Map Store versions = 1.1.0...
SUSE CVE-2024-22117
When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon adding a new URL, the system retrieves the last sysmapelementurlid value and increments it by one. However, an issue arises when a user manually changes the sysmapelementurlid value by adding...
DEBIAN-CVE-2024-22117
When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon adding a new URL, the system retrieves the last sysmapelementurlid value and increments it by one. However, an issue arises when a user manually changes the sysmapelementurlid value by adding...
CVE-2024-22117
When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon adding a new URL, the system retrieves the last sysmapelementurlid value and increments it by one. However, an issue arises when a user manually changes the sysmapelementurlid value by adding...
UBUNTU-CVE-2024-22117
When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon adding a new URL, the system retrieves the last sysmapelementurlid value and increments it by one. However, an issue arises when a user manually changes the sysmapelementurlid value by adding...
CVE-2024-22117 Value of sysmap_element_url can be de-synchronized causing the map element to crash when new URLs is added
When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon adding a new URL, the system retrieves the last sysmapelementurlid value and increments it by one. However, an issue arises when a user manually changes the sysmapelementurlid value by adding...
CVE-2024-22117 Value of sysmap_element_url can be de-synchronized causing the map element to crash when new URLs is added
When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon adding a new URL, the system retrieves the last sysmapelementurlid value and increments it by one. However, an issue arises when a user manually changes the sysmapelementurlid value by adding...
CVE-2024-22117
When a URL is added to the map element, it is recorded in the database with sequential IDs. Upon adding a new URL, the system retrieves the last sysmapelementurlid value and increments it by one. However, an issue arises when a user manually changes the sysmapelementurlid value by adding...
The vulnerability of the sock_map_{close,destroy,unhash}() functions in the Linux operating system allows a hacker to compromise the confidentiality and accessibility of the protected information.
The vulnerability of the functions sockmapclose,destroy,unhash in the net/core/sockmap.c module of the Linux operating system is related to stack overflow due to infinite recursion. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality and accessibility of th...
The vulnerability of the mmap_mutex function in the Linux operating system allows a hacker to compromise the confidentiality, integrity, and accessibility of data.
The vulnerability of the mmapmutex function in Linux operating systems is related to the recovery of unreliable data in memory. Exploiting this vulnerability can allow a remote attacker to compromise confidentiality, integrity, and accessibility of data...
eap-7: heap exhaustion via deserialization
A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result i...
eap-7: heap exhaustion via deserialization
A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result i...
WordPress Simple Travel Map plugin <= 0.1 - CSRF to Stored Cross Site Scripting (XSS) vulnerability
CSRF to Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Simple Travel Map versions = 0.1...
WordPress Simple Travel Map Plugin <= 0.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software Simple Travel Map Type Plugin Vulnerable versions = 0.1 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-53715 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID cb9374ea8217 Credits SOPROBRO Required...
CVE-2024-53091 bpf: Add sk_is_inet and IS_ICSK check in tls_sw_has_ctx_tx/rx
In the Linux kernel, the following vulnerability has been resolved: bpf: Add skisinet and ISICSK check in tlsswhasctxtx/rx As the introduction of the support for vsock and unix sockets in sockmap, tlsswhasctxtx/rx cannot presume the socket passed in must be ISICSK. vsock and afunix sockets have...
The vulnerability of the cpumap component in the Linux operating system’s kernel allows a hacker to trigger a service failure.
The vulnerability of the cpumap component in the Linux operating system’s kernel is related to the use of an uninitialized resource in the function cpumapbpfprogrunxdp. Exploiting this vulnerability can allow a attacker to cause a service failure...
CVE-2024-52447
Path Traversal: '.../...//' vulnerability in corporatezen222 Contact Page With Google Map contact-page-with-google-map allows Path Traversal.This issue affects Contact Page With Google Map: from n/a through = 1.6.1...
CVE-2024-52447
CVE-2024-52447 : Path Traversal leading to Arbitrary File Deletion in WordPress plugin “Contact Page With Google Map”
CVE-2024-52447 WordPress Contact Page With Google Map plugin <= 1.6.1 - Arbitrary File Deletion vulnerability
Path Traversal: '.../...//' vulnerability in corporatezen222 Contact Page With Google Map contact-page-with-google-map allows Path Traversal.This issue affects Contact Page With Google Map: from n/a through = 1.6.1...