7 matches found

Positive Technologies
added 2023/12/26 12:0 a.m. · 4 views

PT-2023-32234 · WordPress · Wp Mail Log

Name of the Vulnerable Software and Affected Versions: WP Mail Log WordPress plugin versions prior to 1.1.3

Description: The issue arises from the WP Mail Log WordPress plugin not properly sanitizing and escaping a parameter before using it in a SQL statement, leading to a SQL injection. This can...

CVSS 8.8 · AI score 8.9 · EPSS 0.00721
Exploits 2 · References 6

CNNVD
added 2023/12/26 12:0 a.m. · 4 views

WordPress plugin WP Mail Log security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability in the...

CVSS 6.5 · AI score 6.4 · EPSS 0.00707
Exploits 2 · References 2

SUSE CVE
added 2023/02/15 3:39 a.m. · 6 views

SUSE CVE-2021-36780

A Missing Authentication for Critical Function vulnerability in longhorn of SUSE Longhorn allows attackers to connect to a longhorn-engine replica instance granting it the ability to read and write data to and from a replica that they should not have access to. This issue affects: SUSE Longhorn...

CVSS 8.1 · AI score 7.9 · EPSS 0.00451
Exploits 0 · References 4

CNNVD
added 2021/03/05 12:0 a.m. · 17 views

Rafael França activerecord-session_store security vulnerability

Rafael França activerecord-session_store is an open source application by Rafael França. A default class is provided, but any object with a textual sessionid and data attribute duck-typed into the Active Record Session class is sufficient. A security vulnerability exists in all versions of...

CVSS 5.3 · AI score 6.8 · EPSS 0.01835
Exploits 0 · References 5

CNVD
added 2019/03/07 12:0 a.m. · 1 views

OFCMS backend ueditor uploadScrawl file upload vulnerability

OFCMS is a content management system based on Java technology. A backend ueditor uploadScrawl file upload vulnerability exists in versions of OFCMS prior to 1.1.3. The vulnerability stems from the blocking of .jsp and .jspx files that fails to take into account the file.jsp::$DATA of the...

CVSS 7.2 · AI score 7.6 · EPSS 0.02708
Exploits 1 · References 1

CNVD
added 2019/03/07 12:0 a.m. · 2 views

OFCMS Backend SQL Injection Vulnerability

OFCMS is a content management system based on Java technology. A backend SQL injection vulnerability exists in versions of OFCMS prior to 1.1.3. An attacker can exploit the vulnerability to launch an admin/system/generate/create?sql= SQL injection attack...

CVSS 7.2 · AI score 7.9 · EPSS 0.01298
Exploits 1 · References 1

CNVD
added 2019/01/16 12:0 a.m. · 3 views

NTPsec Buffer Overflow Vulnerability

NTPsec is an implementation of the Network Time Protocol. A stack buffer overflow vulnerability exists in the readsysvars of the ntpcontrol.c file of ntpd in versions prior to NTPsec 1.1.3, which can be exploited by an attacker to cause a denial of service...

CVSS 9.1 · AI score 9.1 · EPSS 0.66881
Exploits 5 · References 1