WordPress Events Manager – Calendar, Bookings, Tickets, and more! plugin <= 6.6.3 - Unauthenticated SQL Injection via Event Status Parameter vulnerability

Unauthenticated SQL Injection via Event Status Parameter vulnerability discovered by mikemyers in WordPress Plugin Events Manager versions = 6.6.3...

PT-2024-37969

Name of the Vulnerable Software and Affected Versions The Events Calendar plugin for WordPress versions prior to 6.6.4 Description The Events Calendar plugin for WordPress is susceptible to Stored Cross-Site Scripting XSS through the RSVP name field. Insufficient input sanitization and output...

Qt 安全漏洞

Qt is a cross-platform C++ application development framework from the Norwegian company Qt. It is widely used to develop GUI programs, in which case it is also known as the widget toolkit. It can also be used to develop non-GUI programs, such as console tools and servers. A security vulnerability...

CVE-2023-45585

An insertion of sensitive information into log file vulnerability CWE-532 in FortiSIEM version 7.0.0, version 6.7.6 and below, version 6.6.3 and below, version 6.5.1 and below, version 6.4.2 and below, version 6.3.3 and below, version 6.2.1 and below, version 6.1.2 and below, version 5.4.0, versi...

CVE-2023-45585

An insertion of sensitive information into log file vulnerability CWE-532 in FortiSIEM version 7.0.0, version 6.7.6 and below, version 6.6.3 and below, version 6.5.1 and below, version 6.4.2 and below, version 6.3.3 and below, version 6.2.1 and below, version 6.1.2 and below, version 5.4.0, versi...

PT-2023-22378 · Unknown · Call Blocker

Name of the Vulnerable Software and Affected Versions: Call Blocker application version 6.6.3 Description: The issue allows an attacker to inject large amounts of data into the application's database, causing it to crash due to an out-of-memory OOM error when it loads the data into memory on...

PT-2023-22379 · Unknown · The Call Blocker

Name of the Vulnerable Software and Affected Versions: The Call Blocker application version 6.6.3 Description: The issue allows unauthorized applications to use exposed components to delete data stored in the database related to user privacy settings, affecting the normal functionality of the...

PT-2023-22380 · Unknown · Call Blocker

Name of the Vulnerable Software and Affected Versions: Call Blocker application version 6.6.3 Description: The issue allows attackers to tamper with feature-related data, resulting in a severe elevation of privilege attack. Recommendations: For version 6.6.3, update to a newer version that contai...

CVE-2020-5752

Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges...

PT-2020-18673 · Druva · Druva Insync Windows Client

Name of the Vulnerable Software and Affected Versions: Druva inSync Windows Client version 6.6.3 Description: The issue allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges due to a relative path traversal vulnerability. Recommendations: F...

safemode-adv-nn.txt

==================================================================== Safemode.org security advisory: nn ==================================================================== Package: nn Version: 6.6.3 or prior Date: 28/06/2002 Issue: Remote format string Risk: High Credits: zillionatsafemode.org...