9 matches found
WordPress plugin Shortcodes Bootstrap 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
WordPress plugin AppMaps 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request...
PT-2024-19789 · Visionos · Visionos
Name of the Vulnerable Software and Affected Versions: visionOS versions prior to 1.1 Description: A permissions issue was addressed to help ensure Personas are always protected. An unauthenticated user may be able to use an unprotected Persona. Recommendations: For versions prior to 1.1, update ...
ArslanSoft Education Portal SQL Injection Vulnerability
ArslanSoft Education Portal is an education portal from ArslanSoft, Inc. A SQL injection vulnerability exists in versions prior to ArslanSoft Education Portal v1.1, which stems from the presence of a SQL injection vulnerability...
PT-2023-32225
Name of the Vulnerable Software and Affected Versions ArslanSoft Education Portal versions prior to 1.1 Description The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks...
PT-2023-32228
Name of the Vulnerable Software and Affected Versions ArslanSoft Education Portal versions prior to 1.1 Description The issue allows for the unrestricted upload of files with dangerous types, enabling the reading of sensitive strings within an executable. Recommendations For versions prior to 1.1...
PT-2023-17426 · WordPress · Call Now Accessibility Button
Name of the Vulnerable Software and Affected Versions: Call Now Accessibility Button WordPress plugin versions prior to 1.1 Description: The issue allows high-privilege users to perform Stored Cross-Site Scripting XSS attacks due to improper sanitization of some settings. This can occur even when...
CVE-2021-41995 PingID Mac Login prior to 1.1 vulnerable to pre-computed dictionary attacks
A misconfiguration of RSA in PingID Mac Login prior to 1.1 is vulnerable to pre-computed dictionary attacks, leading to an offline MFA bypass...
PT-2003-1784 · Apache · Apache Web Server
Name of the Vulnerable Software and Affected Versions: Docview versions prior to 1.1-18 Description: The issue allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules in the Apache web server configuration. Recommendations: For versio...