4929 matches found
WordPress 3.8.x < 3.8.17 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the PHPMailer component in the class.phpmailer.php script due to improper handling of sender email addresses. An...
WordPress 4.0.x < 4.0.14 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the PHPMailer component in the class.phpmailer.php script due to improper handling of sender email addresses. An...
WordPress 4.2.x < 4.2.11 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the PHPMailer component in the class.phpmailer.php script due to improper handling of sender email addresses. An...
WordPress 4.6.x < 4.6.2 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the PHPMailer component in the class.phpmailer.php script due to improper handling of sender email addresses. An...
WordPress 4.2.x < 4.2.12 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the class-wp-press-this.php script due to a failure to properly restrict the user interface for assigning taxonomy terms...
WordPress 4.4.x < 4.4.7 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the class-wp-press-this.php script due to a failure to properly restrict the user interface for assigning taxonomy terms...
Drupal 8.x < 8.3.7 Multiple Vulnerabilities
According to its self-reported version number, the detected Drupal application is affected by multiple vulnerabilities : - A flaw exists in the views subsystem due to a failure to restrict access to the Ajax endpoint to only views configured to use Ajax. This is mitigated if you have access...
WordPress 3.7.x < 3.7.17 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the PHPMailer component in the class.phpmailer.php script due to improper handling of sender email addresses. An...
WordPress 4.7.x < 4.7.2 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the class-wp-press-this.php script due to a failure to properly restrict the user interface for assigning taxonomy terms...
WordPress 3.8.x < 3.8.18 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the class-wp-press-this.php script due to a failure to properly restrict the user interface for assigning taxonomy terms...
WordPress 4.3.x < 4.3.8 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the class-wp-press-this.php script due to a failure to properly restrict the user interface for assigning taxonomy terms...
WordPress 4.4.x < 4.4.6 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - A remote code execution vulnerability exists in the PHPMailer component in the class.phpmailer.php script due to improper handling of sender email addresses. An...
WordPress 4.0.x < 4.0.15 Multiple Vulnerabilities
According to its self-reported version number, the detected WordPress application is affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the class-wp-press-this.php script due to a failure to properly restrict the user interface for assigning taxonomy terms...
CVE-2018-6907
A Cross Site Request Forgery CSRF vulnerability in the Green Electronics RainMachine Mini-8 2nd Generation and Touch HD 12 web application allows an attacker to control the RainMachine device via the REST API...
CVE-2018-6906
A persistent Cross Site Scripting XSS vulnerability in the Green Electronics RainMachine Mini-8 2nd Generation and Touch HD 12 web application allows an attacker to inject arbitrary JavaScript via the REST API...
Cross site scripting
A persistent Cross Site Scripting XSS vulnerability in the Green Electronics RainMachine Mini-8 2nd Generation and Touch HD 12 web application allows an attacker to inject arbitrary JavaScript via the REST API...
Cross site request forgery (csrf)
A Cross Site Request Forgery CSRF vulnerability in the Green Electronics RainMachine Mini-8 2nd Generation and Touch HD 12 web application allows an attacker to control the RainMachine device via the REST API...
CVE-2018-6907
A Cross Site Request Forgery CSRF vulnerability in the Green Electronics RainMachine Mini-8 2nd Generation and Touch HD 12 web application allows an attacker to control the RainMachine device via the REST API...
CVE-2018-6907
The CVE-2018-6907 entry describes a CSRF vulnerability in Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 web application that could allow an attacker to control the RainMachine device via its REST API. Documents consistently identify the affected components as the RainMachi...
CVE-2018-6906
A persistent Cross Site Scripting XSS vulnerability in the Green Electronics RainMachine Mini-8 2nd Generation and Touch HD 12 web application allows an attacker to inject arbitrary JavaScript via the REST API...