3946 matches found

Cvelist
added 2021/06/24 8:55 a.m., 17 views

CVE-2021-25655 URL redirection to untrusted site possible in Avaya Aura Experience Portal

A vulnerability in the system Service Menu component of Avaya Aura Experience Portal may allow URL Redirection to any untrusted site through a crafted attack. Affected versions include 7.0 through 7.2.3 without hotfix and 8.0.0 without hotfix...

4.4 CVSS, 6.4 AI score, 0.0038 EPSS
Exploits: 0, References: 1

OSV
added 2021/06/21 8:15 p.m., 6 views

CVE-2021-24339

The Pods – Custom Content Types and Fields WordPress plugin before 2.7.27 was vulnerable to an Authenticated Stored Cross-Site Scripting XSS security vulnerability within the 'Menu Label' field parameter...

5.4 CVSS, 5.6 AI score, 0.0076 EPSS
Exploits: 1, References: 2

CNNVD
added 2021/06/21 12:0 a.m., 2 views

WordPress cross-site scripting vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress Pods WordPress Plugin versions prior to 2.7.27, which stems...

5.4 CVSS, 5.5 AI score, 0.0076 EPSS
Exploits: 1, References: 2

OSV
added 2021/06/18 3:57 a.m., 5 views

USN-4992-1 grub2-signed, grub2-unsigned vulnerabilities

Máté Kukri discovered that the acpi command in GRUB 2 allowed privileged users to load crafted ACPI tables when secure boot is enabled. An attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2020-14372) Chris Coulson discovered that the rmmod command in GRUB 2 contained a use-...

8.2 CVSS, 7.5 AI score, 0.01738 EPSS
Exploits: 0, References: 7

CNVD
added 2021/06/15 12:0 a.m., 14 views

WordPress side buttons plugin SQL injection vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in the WordPress side buttons plugin prior to version 3.1.5. The...

7.2 CVSS, 7.1 AI score, 0.01565 EPSS
Exploits: 2, References: 1

OSV
added 2021/06/14 2:15 p.m., 2 views

CVE-2021-24348

The menu delete functionality of the Side Menu – add fixed side buttons WordPress plugin before 3.1.5, available to Administrator users takes the did GET parameter and uses it into an SQL statement without proper sanitisation, validation or escaping, therefore leading to a SQL Injection issue...

7.2 CVSS, 7.1 AI score, 0.01565 EPSS
Exploits: 2, References: 2

NVD
added 2021/06/14 2:15 p.m., 15 views

CVE-2021-24348

The menu delete functionality of the Side Menu – add fixed side buttons WordPress plugin before 3.1.5, available to Administrator users takes the did GET parameter and uses it into an SQL statement without proper sanitisation, validation or escaping, therefore leading to a SQL Injection issue...

7.2 CVSS, 0.01565 EPSS
Exploits: 2, References: 2

Prion
added 2021/06/14 2:15 p.m., 14 views

Sql injection

The menu delete functionality of the Side Menu – add fixed side buttons WordPress plugin before 3.1.5, available to Administrator users takes the did GET parameter and uses it into an SQL statement without proper sanitisation, validation or escaping, therefore leading to a SQL Injection issue...

6.5 CVSS, 7.3 AI score, 0.01565 EPSS
Exploits: 2, References: 2, Affected Software: 1

Cvelist
added 2021/06/14 1:37 p.m., 16 views

CVE-2021-24348 Side Menu < 3.1.5 - Authenticated (admin+) SQL Injection

The menu delete functionality of the Side Menu – add fixed side buttons WordPress plugin before 3.1.5, available to Administrator users takes the did GET parameter and uses it into an SQL statement without proper sanitisation, validation or escaping, therefore leading to a SQL Injection issue...

7.6 AI score, 0.01565 EPSS
Exploits: 2, References: 2

CVE
added 2021/06/14 1:37 p.m., 53 views

CVE-2021-24348

CVE-2021-24348 affects the WordPress Side Menu plugin (versions before 3.1.5). The vulnerability arises in the menu delete functionality where an administrator-accessible did GET parameter is interpolated into an SQL statement without proper sanitisation, validation, or escaping, enabling SQL...

7.2 CVSS, 7.3 AI score, 0.01565 EPSS
Exploits: 2, References: 2, Affected Software: 1

Tenable Nessus
added 2021/06/10 12:0 a.m., 47 views

SUSE SLES11 Security Update : grub2 (SUSE-SU-2021:14659-1)

The remote SUSE Linux SLES11 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2021:14659-1 advisory. - The grub_ext2_read_block function in fs/ext2.c in GNU GRUB before 2013-11-12, as used in shlr/grub/fs/ext2.c in radare2 1.5.0, allows remote...

8.2 CVSS, 7.3 AI score, 0.04153 EPSS
Exploits: 0, References: 25

Patchstack
added 2021/05/27 12:0 a.m., 17 views

WordPress Side Menu plugin <= 3.1.3 - Authenticated SQL Injection (SQLi) vulnerability

Authenticated SQL Injection (SQLi) vulnerability discovered by Shreya Pohekar in WordPress Side Menu plugin versions <= 3.1.3. Solution: Update the WordPress Side Menu plugin to the latest available version (at least 3.1.5)...

7.2 CVSS, 2.6 AI score, 0.01565 EPSS
Exploits: 2, References: 3, Affected Software: 1

WPVulnDB
added 2021/05/27 12:0 a.m., 19 views

Side Menu < 3.1.5 - Authenticated (admin+) SQL Injection

The menu delete functionality of the plugin, available to Administrator users takes the did GET parameter and uses it into an SQL statement without proper sanitisation, validation or escaping, therefore leading to a SQL Injection issue PoC GET /wp-admin/admin.php?page=side-menu=del=1%20OR%201=1...

7.2 CVSS, 0.3 AI score, 0.01565 EPSS
Exploits: 2, References: 1, Affected Software: 1

wpexploit
added 2021/05/27 12:0 a.m., 168 views

Side Menu < 3.1.5 - Authenticated (admin+) SQL Injection

The menu delete functionality of the plugin, available to Administrator users takes the did GET parameter and uses it into an SQL statement without proper sanitisation, validation or escaping, therefore leading to a SQL Injection issue GET...

7.2 CVSS, 0.9 AI score, 0.01565 EPSS
Exploits: 2, References: 1

Tenable Nessus
added 2021/05/18 12:0 a.m., 37 views

EulerOS 2.0 SP5 : grub2 (EulerOS-SA-2021-1900)

According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in grub2 in versions prior to 2.06. During USB device initialization, descriptors are read with very little bounds checking and...

8.2 CVSS, 7.9 AI score, 0.01152 EPSS
Exploits: 0, References: 5

Packet Storm
added 2021/05/18 12:0 a.m., 254 views

Backdoor.Win32.DarkMoon.a Weak Hardcoded Password

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/7361fe3620fb6e18467c8e15e224b0b8.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkMoon.a Vulnerability: Weak Hardcoded Password Description: Dark Moon v1 client by...

0.2 AI score
Exploits: 0

0day.today
added 2021/05/05 12:0 a.m., 20 views

Anote 1.0 - XSS to Remote Command Execution Vulnerability

Exploit Title: Anote 1.0 - XSS to RCE Exploit Author: TaurusOmar CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Risk: High 8.8 Vendor Homepage: https://github.com/AnotherNote/anote Version: 1.0 Tested on: Linux, MacOs Software Description: A simple opensource note app support markdown only, anote...

0.6 AI score
Exploits: 0

Check Point Advisories
added 2021/05/02 12:0 a.m., 2 views

WordPress Food And Drink Menu Plugin Remote Code Execution (CVE-2020-29045)

A remote code execution vulnerability exists in WordPress Food And Drink Menu Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

7.5 CVSS, 5 AI score, 0.30798 EPSS
Exploits: 1

Tenable Nessus
added 2021/04/30 12:0 a.m., 53 views

EulerOS 2.0 SP3 : grub2 (EulerOS-SA-2021-1794)

According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the ACPI command when Secure Boot is enabled. This...

8.2 CVSS, 7.8 AI score, 0.01738 EPSS
Exploits: 0, References: 7

The Hacker News
added 2021/04/26 11:3 a.m., 69 views

Apple AirDrop Bug Could Leak Your Personal Info to Anyone Nearby

New research has uncovered privacy weaknesses in Apple's wireless file-sharing protocol that could result in the exposure of a user's contact information such as email addresses and phone numbers. "As an attacker, it is possible to learn the phone numbers and email addresses of AirDrop users – ev...

0.7 AI score
Exploits: 0