
17 matches found

Patchstack
added 2026/05/01 9:15 a.m. · 3 views

WordPress WP Shortcodes Plugin — Shortcodes Ultimate plugin <= 7.3.3 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Shortcodes Ultimate versions <= 7.3.3...

6.1 CVSS · 5.8 AI score · 0.00135 EPSS
Exploits 0 · References 1 · Affected Software 1

CNNVD
added 2025/03/04 12:0 a.m. · 2 views

WordPress plugin Shortcodes Ultimate cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

6.4 CVSS · 8.1 AI score · 0.06083 EPSS
Exploits 0 · References 6

CNNVD
added 2023/09/19 12:0 a.m. · 1 views

MIM Software Code Issues Vulnerabilities

MIM Software is a remote access application from MIM Software, Inc. dedicated to helping customers provide the best possible patient care. A security vulnerability exists in MIM versions 7.2.10 and 7.3.3 that stems from improperly restricting references to XML external entities...

7.4 CVSS · 6.9 AI score · 0.00112 EPSS
Exploits 0 · References 2

OpenVAS
added 2022/07/27 12:0 a.m. · 17 views

LibreOffice 7.2.x < 7.2.7, 7.3.x < 7.3.3 Multiple Vulnerabilities (Jul 2022) - Windows

LibreOffice is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2022 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:libreoffice:libreoffice";...

8.8 CVSS · 8.3 AI score · 0.00706 EPSS
Exploits 0 · References 2

ATTACKERKB
added 2022/04/19 1:15 p.m. · 2 views

CVE-2022-26593

Cross-site scripting (XSS) vulnerability in the Asset module's asset categories selector in Liferay Portal 7.3.3 through 7.4.0, and Liferay DXP 7.3 before service pack 3 allows remote attackers to inject arbitrary web script or HTML via the name of an asset category...

5.4 CVSS · 6 AI score · 0.00167 EPSS
Exploits 0 · References 3

CNVD
added 2021/09/09 12:0 a.m. · 15 views

ClinicCases Cross-Site Scripting Vulnerability (CNVD-2022-05858)

ClinicCases is an open source case management system designed for law school clinics. A cross-site scripting vulnerability exists in ClinicCases version 7.3.3, which stems from a lack of effective validation and filtering of user-submitted parameters by the software. The vulnerability allows a low...

5.4 CVSS · 4.5 AI score · 0.00206 EPSS
Exploits 1 · References 1

CNNVD
added 2021/09/07 12:0 a.m. · 4 views

ClinicCases SQL injection vulnerability

ClinicCases is an open source case management system designed for law school clinics. ClinicCases version 7.3.3 suffers from a SQL injection vulnerability that allows a low-privilege attacker to execute arbitrary SQL commands via vulnerable parameters...

8.8 CVSS · 8.6 AI score · 0.00447 EPSS
Exploits 0 · References 3

Positive Technologies
added 2020/09/22 12:0 a.m. · 2 views

PT-2020-14662 · Liferay · Liferay Dxp +1

Name of the Vulnerable Software and Affected Versions: Liferay Portal versions prior to 7.3.3; Liferay DXP 7.1 versions prior to fix pack 18; Liferay DXP 7.2 versions prior to fix pack 6. Description: The issue allows remote authenticated users to conduct denial-of-service attacks by uploading large...

6.5 CVSS · 6.2 AI score · 0.01076 EPSS
Exploits 0 · References 9

OpenVAS
added 2020/09/02 12:0 a.m. · 15 views

Liferay Portal 7.3.2 DoS Vulnerability

Liferay Portal is prone to a denial of service (DoS) vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. CPE =...

7.5 CVSS · 7.4 AI score · 0.00643 EPSS
Exploits 0 · References 1

RedHat Linux
added 2020/04/28 4:8 p.m. · 3 views

php: Invalid read in exif_process_SOFn()

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn...

7.5 CVSS · 7.2 AI score · 0.14105 EPSS
Exploits 1 · References 4

0day.today
added 2020/04/24 12:0 a.m. · 67 views

QRadar Community Edition 7.3.1.6 Insecure File Permissions Vulnerability

Exploit for php platform in category web applications. Local privilege escalation in QRadar due to run-result-reader.sh insecure file permissions. Abstra...

4.6 CVSS · 7.6 AI score · 0.00146 EPSS
Exploits 3

OSV
added 2020/04/15 4:15 p.m. · 1 views

CVE-2020-4271

IBM QRadar 7.3.0 to 7.3.3 Patch 2 could allow an authenticated user to send a specially crafted command which would be executed as a lower privileged user. IBM X-Force ID: 175897...

6.3 CVSS · 6.6 AI score
Exploits 0 · References 4

IBM Security Bulletins
added 2020/04/14 2:28 p.m. · 19 views

Security Bulletin: IBM QRadar SIEM is vulnerable to cross site scripting (XSS) (CVE-2020-4268)

Summary: IBM QRadar SIEM is vulnerable to cross site scripting. Vulnerability Details: CVEID: CVE-2020-4268. DESCRIPTION: IBM QRadar is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality...

5.4 CVSS · 0.7 AI score · 0.00239 EPSS
Exploits 0 · Affected Software 1

Symantec
added 2019/10/08 12:0 a.m. · 16 views

PHP 'new COM()' Denial of Service Vulnerability

Description: PHP is prone to a denial-of-service vulnerability. Successful exploits may allow the attacker to crash the affected application, resulting in a denial-of-service condition. Versions prior to PHP 7.4.0 are vulnerable. Technologies Affected: PHP PHP 7.3.0, PHP PHP 7.3.1, PHP PHP 7.3.2, PHP PHP...

1.7 AI score
Exploits 0 · References 2 · Affected Software 1

Tenable Nessus
added 2019/05/02 12:0 a.m. · 13 views

Fedora 30 : php (2019-3f4ba94260)

PHP version 7.3.3 (07 Mar 2019). Core: - Fixed bug php77589 (Core dump using parse_ini_string with numeric sections). (Laruence) - Fixed bug php77329 (Buffer Overflow via overly long Error Messages). (Dmitry) - Fixed bug php77494 (Disabling class causes segfault on member access). (Dmitry) - Fixed bug php77498...

5.5 AI score
Exploits 0 · References 1

Tenable Nessus
added 2019/04/08 12:0 a.m. · 67 views

PHP 7.3.x < 7.3.3 Multiple vulnerabilities.

According to its banner, the version of PHP running on the remote web server is 7.3.x prior to 7.3.3. It is, therefore, affected by multiple vulnerabilities: - Uninitialized reads in the EXIF component of PHP due to the mishandling of data in exif_process_IFD_in_MAKERNOTE, and exif_process_IFD_in_TIFF...

9.8 CVSS · 7.1 AI score · 0.52083 EPSS
Exploits 5 · References 6

Cvelist
added 2019/03/08 11:0 p.m. · 39 views

CVE-2019-9637

An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename across filesystems is implemented, it is possible that the file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to...

8.5 AI score · 0.0987 EPSS
Exploits 0 · References 15