CVE-2018-25121

Nagios XI

WordPress WP SMS Plugin < 5.4.13 is vulnerable to Cross Site Scripting (XSS)

Software WP SMS Type Plugin Vulnerable versions 5.4.13 Fixed in 5.4.13 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2021-24561 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 935be5382779 Credits Muhammad Daffa Required privileg...

CVE-2021-44057

An improper authentication vulnerability has been reported to affect QNAP device running Photo Station. If exploited, this vulnerability allows attackers to compromise the security of the system. We have already fixed this vulnerability in the following versions of Photo Station: Photo Station...

PT-2021-16080 · WordPress · Wp Sms

Name of the Vulnerable Software and Affected Versions: WP SMS WordPress plugin versions prior to 5.4.13 Description: The issue is related to an Authenticated Stored Cross-Site Scripting problem. It occurs because the wp group name parameter is not properly sanitized before being outputted back in...

Nagios XI Directory Traversal Vulnerability

Nagios XI is a suite of IT infrastructure monitoring solutions from the US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems and more. A security vulnerability exists in Nagios XI version 5.4.13. An attacker can exploit the vulnerability to...

NagiosXI <= 5.4.12 info.php SQL injection(CVE-2018-10736)

NagiosXI = 5.4.12 info.php SQL injectionCVE-2018-10736 Description A SQL injection issue was discovered in Nagios XI via the admin/info.php key1 parameter. Affected Version Nagios XI 5.2.x Nagios XI 5.4.x before 5.4.13 Proof of concept...