19 matches found
EUVD-2024-40090
Malicious code in bioql PyPI...
CVE-2024-43163
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Parcel Panel ParcelPanel allows Reflected XSS.This issue affects ParcelPanel: from n/a through 4.3.2...
CVE-2024-43163
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Parcel Panel ParcelPanel allows Reflected XSS.This issue affects ParcelPanel: from n/a through 4.3.2...
CVE-2024-43163
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Parcel Panel ParcelPanel allows Reflected XSS.This issue affects ParcelPanel: from n/a through 4.3.2...
CVE-2024-43163 WordPress ParcelPanel plugin <= 4.3.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Parcel Panel ParcelPanel allows Reflected XSS.This issue affects ParcelPanel: from n/a through 4.3.2...
CVE-2024-43163
CVE-2024-43163 affects ParcelPanel (WordPress plugin) with a Reflected XSS vulnerability due to improper input neutralization during web page generation. Affected versions are ParcelPanel from n/a up to and including 4.3.2. Public metrics indicate a CVSS v3.1 base score of 7.1 (HIGH) with network...
CVE-2024-43163 WordPress ParcelPanel plugin <= 4.3.2 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Parcel Panel ParcelPanel allows Reflected XSS.This issue affects ParcelPanel: from n/a through 4.3.2...
WordPress plugin ParcelPanel 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripti...
PT-2024-30355 · Unknown · Parcelpanel
Name of the Vulnerable Software and Affected Versions: ParcelPanel versions n/a through 4.3.2 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS in ParcelPanel. Recommendations: Fo...
WordPress ParcelPanel plugin <= 4.3.2 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin ParcelPanel versions = 4.3.2...
WordPress ParcelPanel Plugin <= 4.3.2 is vulnerable to Cross Site Scripting (XSS)
Software ParcelPanel Type Plugin Vulnerable versions = 4.3.2 Fixed in 4.3.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43163 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 6478ea4a7c9e Credits Le Ngoc Anh Required privilege...
CVE-2024-34412
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Parcel Panel ParcelPanel.This issue affects ParcelPanel: from n/a through 3.8.1...
CVE-2024-34412 WordPress ParcelPanel plugin <= 3.8.1 - Auth. SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Parcel Panel ParcelPanel.This issue affects ParcelPanel: from n/a through 3.8.1...
CVE-2024-34412
CVE-2024-34412 affects the ParcelPanel (ParcelPanel for WordPress) plugin for ParcelPanel: vulnerable in versions up to 3.8.1. The issue is an SQL Injection caused by improper neutralization of input elements in SQL commands, enabling attacker-controlled data to be injected into queries. Impact p...
CVE-2024-34412 WordPress ParcelPanel plugin <= 3.8.1 - Auth. SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Parcel Panel ParcelPanel.This issue affects ParcelPanel: from n/a through 3.8.1...
WordPress ParcelPanel plugin <= 3.8.1 - Subscriber+ SQL Injection vulnerability
Subscriber+ SQL Injection vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin ParcelPanel versions = 3.8.1...
WordPress ParcelPanel Plugin <= 3.8.1 is vulnerable to SQL Injection
Software ParcelPanel Type Plugin Vulnerable versions = 3.8.1 Fixed in 3.9.0 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-34412 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID f51d7f941e90 Credits Le Ngoc Anh Required privilege Subscriber Published...
WordPress plugin ParcelPanel SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...
PT-2024-25864 · Unknown · Parcelpanel
Name of the Vulnerable Software and Affected Versions: ParcelPanel versions 3.8.1 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation by injecting maliciou...