45 matches found
WordPress Easy Booked Plugin <= 2.4.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by l8BL Patchstack Alliance in WordPress Plugin Easy Booked – Appointment Booking and Scheduling Management System for WordPress versions = 2.4.5...
WordPress plugin Chatbot with ChatGPT 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin ... A security vulnerability...
WordPress Clone plugin <= 2.4.5 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Clone versions = 2.4.5...
GHSA-8W5F-8992-G86J Magento Improper Authorization vulnerability
Magento versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an Improper Authorization vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and disclose minor information...
CVE-2023-36504
Missing Authorization vulnerability in BBS e-Theme BBS e-Popup.This issue affects BBS e-Popup: from n/a through 2.4.5...
WordPress Newsletter - API addon for Newsletter plugin <= 2.4.5 - Missing Authorization to Email Subscribers Management vulnerability
WordPress Newsletter - API addon for Newsletter plugin = 2.4.5 - Missing Authorization to Email Subscribers Management vulnerability discovered by Arkadiusz Hydzik in WordPress Plugin Newsletter - API addon Premium versions = 2.4.5...
VulnCheck KEV: CVE-2024-20720
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does not require user...
CVE-2024-20716 Force high-usage of resources by generating unlimited coupons: Adobe Commerce
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Uncontrolled Resource Consumption vulnerability that could lead to an application denial-of-service. A high-privileged attacker could leverage this vulnerability to exhaust system resources, causing the applicatio...
Adobe Commerce 代码问题漏洞
Adobe Commerce is a leading global digital commerce solution for merchants and brands from Adobe. A code issue vulnerability exists in Adobe Commerce that stems from the presence of a Server Request Forgery SSRF vulnerability. An attacker could exploit the vulnerability to read arbitrary system...
CVE-2023-27455
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Maui Marketing Update Image Tag Alt Attribute plugin = 2.4.5 versions...
PT-2023-21019 · Jizhicms · Jizhicms
Name of the Vulnerable Software and Affected Versions: Jizhicms version 2.4.5 Description: An arbitrary file upload vulnerability in the CommonController.php component allows attackers to execute arbitrary code via a crafted phtml file. This issue is related to the admincCommonController.php...
SUSE CVE-2018-9259
In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the MP4 dissector could crash. This was addressed in epan/dissectors/file-mp4.c by restricting the box recursion depth...
PT-2023-12307 · Unknown · Jeecg-Boot
Name of the Vulnerable Software and Affected Versions: jeecg-boot versions 2.4.5 and earlier Description: The issue allows remote attackers to gain escalated privilege and view sensitive information. This is achieved via the "api uri:/sys/user/checkOnlyUser?username=admin" endpoint, where the...
UBUNTU-CVE-2022-36760
Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.54 and prior versions...
CVE-2022-3232
Cross-Site Request Forgery CSRF in GitHub repository ikus060/rdiffweb prior to 2.4.5...
DEBIAN-CVE-2022-26377
Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in modproxyajp of Apache HTTP Server allows an attacker to smuggle requests to the AJP server it forwards requests to. This issue affects Apache HTTP Server Apache HTTP Server 2.4 version 2.4.53 and prior versions...
CVE-2022-24576
creationtimestamp| type| source ---|---|--- 2022-03-14 17:23:45+00:00| seen| https://t.me/cibsecurity/38885...
Apache HTTP Server 环境问题漏洞
Apache HTTP Server is an open source web server from the Apache Foundation. Apache HTTP Server is vulnerable to an environmental issue that results from Apache HTTP Server's inability to close inbound connections when dropping the body of a request, leading to request smuggling. The vulnerability...
CVE-2022-24526 Visual Studio Code Spoofing Vulnerability
...
CVE-2021-24575
creationtimestamp| type| source ---|---|--- 2021-11-08 20:29:26+00:00| seen| https://t.me/cibsecurity/31997...