Lucene search
K

6 matches found

Positive Technologies
Positive Technologies
added 2024/07/26 12:0 a.m.6 views

PT-2024-28786 · Sl 500 +2 · Sl 500 +2

Name of the Vulnerable Software and Affected Versions: Solar-Log 1000 versions prior to 2.8.2 and build 52-23.04.2013 SL 200 versions prior to 3.0.0-60 SL 500 versions prior to 3.0.0-60 Description: The issue concerns the storage of plaintext passwords in certain files, specifically export.html,...

8.1CVSS7.2AI score0.00421EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/04/25 12:0 a.m.4 views

PT-2024-24761 · Unknown · Loginpress Pro

Name of the Vulnerable Software and Affected Versions: LoginPress Pro versions prior to 3.0.0 Description: The issue is related to an Improper Restriction of Excessive Authentication Attempts, which allows for the removal of important client functionality. Recommendations: For versions prior to...

5.3CVSS6.9AI score0.0043EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/04/24 12:0 a.m.4 views

PT-2024-24762 · Unknown · Loginpress Pro

Name of the Vulnerable Software and Affected Versions: LoginPress Pro versions prior to 3.0.0 Description: The issue is related to a Missing Authorization vulnerability in LoginPress Pro. Recommendations: For versions prior to 3.0.0, update to version 3.0.0 or later to resolve the issue...

6.5CVSS6.7AI score0.00531EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/01/17 12:0 a.m.11 views

PT-2024-1507 · WordPress · Web3

Name of the Vulnerable Software and Affected Versions: Web3 WordPress plugin versions prior to 3.0.0 Description: The issue is related to an authentication bypass due to incorrect authentication checking in the login flow. This is caused by vulnerabilities in the handle auth request and handle...

10CVSS7.5AI score0.01773EPSS
Exploits3References12
Github Security Blog
Github Security Blog
added 2020/09/01 3:23 p.m.22 views

Forgeable Public/Private Tokens in jws

Affected versions of the jws package allow users to select what algorithm the server will use to verify a provided JWT. A malicious actor can use this behaviour to arbitrarily modify the contents of a JWT while still passing verification. For the common use case of the JWT as a bearer token, the...

4.1AI score0.01798EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 2019/07/30 12:0 a.m.4 views

PT-2019-17683 · Nextcloud · Nextcloud Android App

Name of the Vulnerable Software and Affected Versions: Nextcloud Android app versions prior to 3.0.0 Description: The issue allows for the destruction of a local cache when a harmful query is executed, requiring the user to reset up the account. This occurs due to SQL Injection in the Nextcloud...

9.8CVSS9.3AI score0.02019EPSS
Exploits0References4
Rows per page
Query Builder