9 matches found
Drupal Colorbox Inline 跨站脚本漏洞
Drupal Colorbox Inline is a Drupal pop-up display module developed by the Drupal company. Versions of Drupal Colorbox Inline prior to 2.1.1 contained a cross-site scripting vulnerability. This vulnerability stemmed from improper input validation during web page generation, which could lead to...
PT-2026-1329
Name of the Vulnerable Software and Affected Versions evershop versions prior to 2.1.1 Description A Blind Server-Side Request Forgery SSRF exists in evershop versions prior to 2.1.1. An unauthenticated attacker can force the server to initiate an HTTP request via the ''/images'' API endpoint. Th...
Apache ActiveMQ NMS OpenWire Client 安全漏洞
Apache ActiveMQ NMS OpenWire Client is an American Apache Apache Foundation . A deserialization vulnerability exists in Apache ActiveMQ NMS OpenWire Client versions prior to 2.1.1, which arises from unsafe deserialization of serialized data received by an application from a user and can be...
CVE-2024-13260 Migrate queue importer - Moderately critical - Cross Site Request Forgery - SA-CONTRIB-2024-024
Cross-Site Request Forgery CSRF vulnerability in Drupal Migrate queue importer allows Cross Site Request Forgery.This issue affects Migrate queue importer: from 0.0.0 before 2.1.1...
WordPress theme Himer security vulnerability
WordPress is a blogging platform from the WordPress Foundation developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress theme is a theme for WordPress. A security vulnerability exists in WordPress theme Himer versions prior to 2.1.1, which ste...
WordPress theme Himer Cross-Site Request Forgery Vulnerability
WordPress is a blogging platform from the WordPress Foundation developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress theme is a theme for WordPress. A cross-site request forgery vulnerability exists in WordPress theme Himer versions prior t...
PT-2023-7320 · Bumsys · Bumsys
Name of the Vulnerable Software and Affected Versions: bumsys versions prior to 2.1.1 Description: The issue is related to a PHP Remote File Inclusion vulnerability. This could allow a remote attacker to execute arbitrary code by sending specially crafted requests. Recommendations: For versions...
Apache CouchDB Remote Code Execution Vulnerability
Apache CouchDB is the United States Apache Apache Software Foundation , a free , open source , document-oriented database , is a use of JSON as a storage format , JavaScript as a query language , MapReduce and HTTP as the API of the NoSQL database . A remote code execution vulnerability exists in...
Cisco AMP Threat Grid Unauthorized Access Vulnerability
Cisco AMP Threat Grid is the United States Cisco Cisco company's set of integrated static and dynamic malware analysis and threat intelligence in one solution. The program can help enterprises to analyze the behavior and intent of malware, the impact of the threat level and defense methods. An...