Linux Distros Unpatched Vulnerability : CVE-2019-14466

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The GOsaFilterSettings cookie in GONICUS GOsa 2.7.5.2 is vulnerable to PHP objection injection, which allows a remote authenticated attacker to perform file...

PT-2024-16819 · WordPress · Mycred

Name of the Vulnerable Software and Affected Versions: myCred – Loyalty Points and Rewards plugin versions up to, and including, 2.7.5.2 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping on user-supplied attributes in the...

WordPress plugin myCred 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site scripting...

WordPress myCred plugin <= 2.7.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via mycred_send Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via mycredsend Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin myCred versions = 2.7.5.2...

Scada-LTS Security Vulnerability

Scada-LTS is an open source, web-based, multi-platform solution from Scada-LTS Open Source. A security vulnerability exists in Scada-LTS v2.7.5.2 and earlier versions that originated from allowing a remote attacker with low-level authentication to escalate privileges, execute arbitrary code, and...

UBUNTU-CVE-2019-14466

The GOsaFilterSettings cookie in GONICUS GOsa 2.7.5.2 is vulnerable to PHP objection injection, which allows a remote authenticated attacker to perform file deletions in the context of the user account that runs the web server via a crafted cookie value, because unserialize is used to restore...