PT-2024-16884 · WordPress · Soledad

Name of the Vulnerable Software and Affected Versions: Soledad theme for WordPress versions up to, and including, 8.5.9 Description: The Soledad theme for WordPress is vulnerable to Local File Inclusion via several functions like penci archive more post ajax func, penci more post ajax func, and...

WordPress plugin Soledad 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

Atlassian Confluence 7.20.x < 8.5.9 Cross-Site Scripting

According to its self-reported version number, the Atlassian Confluence application running on the remote host is prior to 7.19.22, 7.20.x prior to 8.5.9 or 8.6.x prior to 8.9.1. It is, therefore, affected by a stored Cross-Site Scripting XSS vulnerability. Note that the scanner has not tested fo...

Grafana Labs Stored XSS (CVE-2022-31097)

According to its self-reported version number, the version of Grafana Labs running on the remote host is affected by a stored cross-site scripting vulnerability: - XSS vulnerability in the Unified Alerting feature of Grafana. After analysis, this stored XSS could be used to elevate privileges fro...

CVE-2021-28254

A deserialization vulnerability in the destruct function of Laravel v8.5.9 allows attackers to execute arbitrary commands...

PT-2023-12125 · Laravel · Laravel

Name of the Vulnerable Software and Affected Versions: Laravel version 8.5.9 Description: A deserialization vulnerability in the destruct function allows attackers to execute arbitrary commands. Recommendations: For Laravel version 8.5.9, consider disabling the destruct function until a patch is...

Atlassian Jira < 7.13.18 Support Entitlement Number Disclosure

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is prior to 7.3.18, 8.x 8.5.9 or 8.6.x 8.12.1. It is, therefore, affected by an information disclosure vulnerability in the HTTP Response headers allowing a remote attacker with limited...

CVE-2020-14184

Affected versions of Atlassian Jira Server allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability in Jira issue filter export files. The affected versions are before 8.5.9, from version 8.6.0 before 8.12.3, and from version 8.13.0 before 8.13.1...

CVE-2020-14184

Affected versions of Atlassian Jira Server allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability in Jira issue filter export files. The affected versions are before 8.5.9, from version 8.6.0 before 8.12.3, and from version 8.13.0 before 8.13.1...

CVE-2020-14184

Affected versions of Atlassian Jira Server allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability in Jira issue filter export files. The affected versions are before 8.5.9, from version 8.6.0 before 8.12.3, and from version 8.13.0 before 8.13.1...

XSS in Jira issue filter export file via malicious full name - CVE-2020-14184

Affected versions of Atlassian Jira Server allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting XSS vulnerability in Jira issue filter export files. The affected versions are before version 8.5.9, from version 8.6.0 before 8.12.3, and from version 8.13.0 before...