Juzaweb CMS 代码注入漏洞

Juzaweb CMS is a content management system based on Laravel framework and Web platform developed by Juzaweb individual developers. A code injection vulnerability exists in Juzaweb CMS 3.4.2 and earlier versions, which originates from a cross-site scripting attack on the parameter Upload in the fi...

WordPress CK and SyntaxHighlighter plugin <= 3.4.2 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin CK and SyntaxHighlighter versions = 3.4.2...

WordPress plugin Watu Quiz SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

PT-2024-27567 · Noptin · Noptin

Name of the Vulnerable Software and Affected Versions: Noptin versions through 3.4.2 Description: The issue is related to a Missing Authorization vulnerability in Noptin Newsletter, where functionality is not properly constrained by ACLs, allowing unauthorized access. Recommendations: For version...

WordPress Google Calendar Events plugin <= 3.4.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin Google Calendar Events versions = 3.4.2...

PT-2024-11970 · Dell · Dell Repository Manager

Name of the Vulnerable Software and Affected Versions: Dell Repository Manager versions 3.4.2 and earlier Description: A local low privileged attacker may potentially exploit a Local Privilege Escalation Vulnerability in the Installation module, leading to the execution of arbitrary executables o...

WordPress Inquiry Cart plugin <= 3.4.2 - CSRF Leading to Stored Cross-Site Scripting vulnerability

CSRF Leading to Stored Cross-Site Scripting vulnerability discovered by Bob Matyas in WordPress Plugin Inquiry Cart versions = 3.4.2...

WordPress Plugin EventPrime Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

ShopWind 跨站脚本漏洞

ShopWind is a China ShopWind company based on the Yii2.0 framework deep refactoring of B2B2C, O2O industry e-commerce system software. You can easily create and publish your own brand of professional e-commerce platform for all-round branding and product promotion. shopWind v3.4.2 version and...

ksmbd 安全漏洞

ksmbd is an open source kernel CIFS/SMB3 server created by Namjae Jeon for the Linux kernel. It is an implementation of the SMB/CIFS protocol in kernel space for sharing files and IPC services over a network. A security vulnerability exists in ksmbd server 3.4.2 and earlier versions, which result...