PT-2026-38899

These are all security issues fixed in the libexif-devel-0.6.26-1.1 package on the GA media of openSUSE Tumbleweed...

Calibre-Web 安全漏洞

Calibre-Web is a web application developed by Jan B, designed for browsing, reading, and downloading e-books from the Calibre database. Calibre-Web versions 0.6.26 and earlier contain security vulnerabilities. These vulnerabilities stem from the generateauthtoken function in the Endpoint...

CVE-2023-38350

PNP4Nagios through 81ebfc5 has stored XSS in the AJAX controller via the basket API and filters. This affects 0.6.26...

CVE-2023-38349

PNP4Nagios through 81ebfc5 lacks CSRF protection in the AJAX controller. This affects 0.6.26...

CVE-2023-38350

PNP4Nagios through 81ebfc5 has stored XSS in the AJAX controller via the basket API and filters. This affects 0.6.26...

CVE-2023-38350

PNP4Nagios through 81ebfc5 has stored XSS in the AJAX controller via the basket API and filters. This affects 0.6.26...

CVE-2023-38349

PNP4Nagios through 81ebfc5 lacks CSRF protection in the AJAX controller. This affects 0.6.26...

Cross site request forgery (csrf)

PNP4Nagios through 81ebfc5 lacks CSRF protection in the AJAX controller. This affects 0.6.26...

CVE-2023-38349

PNP4Nagios through 81ebfc5 lacks CSRF protection in the AJAX controller. This affects 0.6.26...

CVE-2023-38349

PNP4Nagios through 81ebfc5 lacks CSRF protection in the AJAX controller. This affects 0.6.26...

PNP4Nagios 跨站请求伪造漏洞

PNP4Nagios is a plugin for the PNP4Nagios project. A cross-site request forgery vulnerability exists in PNP4Nagios version 0.6.26 and earlier, which stems from a lack of CSRF protection in the AJAX controller...

PNP4Nagios 跨站脚本漏洞

PNP4Nagios is a plugin for the PNP4Nagios project. A security vulnerability exists in PNP4Nagios version 0.6.26 that stems from stored cross-site scripting in the basket API and filters in the AJAX controller...

PT-2023-3899 · Unknown · Pnp4Nagios

Name of the Vulnerable Software and Affected Versions: PNP4Nagios versions 0.6.26 and prior to version 81ebfc5 Description: The issue is related to a lack of CSRF protection in the AJAX controller of the PNP4Nagios performance analyzer, which is part of the Nagios network monitoring system. This...

SUSE CVE-2017-16834

PNP4Nagios through 0.6.26 has /usr/bin/npcd and npcd.cfg owned by an unprivileged account but root code execution depends on these files, which allows local users to gain privileges by leveraging access to this unprivileged account...

WordPress plugin YaMaps for WordPress Plugin 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PNP4Nagios Elevation of Privilege Vulnerability

PNP4Nagios is a set of Nagios plug-ins that get performance data analyzed via plug-ins and store them automatically in the RRD database. An elevation of privilege vulnerability exists in PNP4Nagios version 0.6.26 and earlier. A local attacker can exploit this vulnerability to gain privileges...