WordPress plugin AcyMailing 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

EUVD-2021-15746

Malware in sbrugna...

EUVD-2022-28052

Malicious code in bioql PyPI...

CVE-2024-43280

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 10.8.1...

CVE-2021-25680

The AdTran Personal Phone Manager software is vulnerable to multiple reflected cross-site scripting XSS issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed. Only version 10.8.1 was able to be...

CVE-2021-25679

The AdTran Personal Phone Manager software is vulnerable to an authenticated stored cross-site scripting XSS issues. These issues impact at minimum versions 10.8.1 and below but potentially impact later versions as well since they have not previously been disclosed. Only version 10.8.1 was able t...

HCL MyCloud 安全漏洞

HCL MyCloud is a hybrid cloud lifecycle management product from HCL India that provides optimal governance and monitoring of cloud infrastructures. A security vulnerability exists in HCL MyCloud version 10.8.1, which stems from improper access control and could lead to elevation of privilege,...

CVE-2024-43280

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Salon Booking System Salon booking system.This issue affects Salon booking system: from n/a through 10.8.1...

WordPress plugin Salon booking system 输入验证错误漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An input validation error...

PT-2024-30445

Name of the Vulnerable Software and Affected Versions: Salon booking system versions through 10.8.1 Description: The issue is related to a URL Redirection to Untrusted Site, also known as an 'Open Redirect' vulnerability, in the Salon Booking System. This vulnerability allows redirection to...

PT-2024-21105

Name of the Vulnerable Software and Affected Versions Esri Portal for ArcGIS versions 10.8.1 through 10.8.1 – 1121 Description The issue is a stored Cross-site Scripting vulnerability that may allow a remote, authenticated attacker to create a crafted link that can be saved as a new location when...

Cross site scripting

There is a Cross-site Scripting vulnerability in ArcGIS Server in versions 10.8.1 – 11.1 that may allow a remote, authenticated attacker to create a crafted link which onmouseover wont execute but could potentially render an image in the victims browser. The privileges required to execute this...

CVE-2022-38204

There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.8.1 and 10.7.1 which may allow a remote, unauthenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser...

Esri Portal For ArcGIS 跨站脚本漏洞

Esri Portal For ArcGIS is a component from Environmental Systems Research Institute Esri that allows maps, scenes, applications, and other geographic information to be shared with others within an organization. A cross-site scripting vulnerability exists in Esri Portal for ArcGIS versions 10.8.1...

Design/Logic Flaw

Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Analyzer on Linux Virtual Strage Software Agent component allows local users to gain sensitive information. This issue affects Hitachi Ops Center Analyzer: from 10.8.1-00 before 10.9.0-00...

CVE-2022-38194

In Esri Portal for ArcGIS versions 10.8.1, a system property is not properly encrypted. This may lead to a local user reading sensitive information from a properties file...

Design/Logic Flaw

In Esri Portal for ArcGIS versions 10.8.1, a system property is not properly encrypted. This may lead to a local user reading sensitive information from a properties file...

CVE-2022-38194 Portal for ArcGIS system properties are not properly encrypted (10.8.1 only)

In Esri Portal for ArcGIS versions 10.8.1, a system property is not properly encrypted. This may lead to a local user reading sensitive information from a properties file...

PT-2022-4367 · Esri · Portal For Arcgis

Name of the Vulnerable Software and Affected Versions: Portal for ArcGIS versions 10.8.1 and below Description: The issue is related to improper access control in Portal for ArcGIS, which could allow a remote, unauthenticated attacker to access an API. This may induce Esri Portal for ArcGIS to re...

PT-2022-24271 · Esri · Esri Portal For Arcgis

Name of the Vulnerable Software and Affected Versions: Esri Portal for ArcGIS version 10.8.1 Description: A system property in Esri Portal for ArcGIS is not properly encrypted, potentially allowing a local user to read sensitive information from a properties file. Recommendations: For Esri Portal...