PT-2020-20264

Name of the Vulnerable Software and Affected Versions: InfiniteWP Client plugin versions prior to 1.9.4.5 Description: The InfiniteWP Client plugin for WordPress has a missing authorization check in the iwp mmb set request function within the init.php file. An attacker who knows an administrator'...

CVE-2016-1214

Cross-site scripting XSS vulnerability in the "Response request" function in Cybozu Garoon before 4.2.2...

"Response request" function in Cybozu Garoon vulnerable to cross-site scripting

Overview Cybozu Garoon provided by Cybozu,Inc. is a groupware. "Response request" function in Cybozu Garoon contains a cross-site scripting vulnerability. Cybozu, Inc. reported this vulnerability to JPCERT/CC to notify users of its solution through JVN. JPCERT/CC and Cybozu, Inc. coordinated unde...

kernel-rt: Sending SysRq command via ICMP echo request

A flaw was found in the way the realtime kernel processed specially crafted ICMP echo requests. A remote attacker could use this flaw to trigger a sysrql function based on values in the ICMP packet, allowing them to remotely restart the system. Note that this feature is not enabled by default and...

DEBIAN-CVE-2013-7401

The parserequest function in request.c in c-icap 0.2.x allows remote attackers to cause a denial of service crash via a URI without a " " or "?" character in an ICAP request, as demonstrated by use of the OPTIONS method...

hzhost6. 5 Hua public virtual host management system latest SQL vulnerability-vulnerability warning-the black bar safety net

This vulnerability out in the channeldmectr. asp this file,with no filtering of any parameter. Just here I have a genuine copy of the patch,open a look,patched the channeldmectr. asp file in the 2 1 row to the 4 row 0,add the following code: Program code Function SafeRequestParaName Dim ParaValue...