262 matches found
CVE-2024-47530
Scout is a web-based visualizer for VCF files. An open redirect vulnerability allows phishing attacks on users by redirecting them to a malicious page. The /login API endpoint is vulnerable to an open redirect attack via the next parameter due to the absence of sanitization logic. Additionally, due to lac...
CVE-2024-47531 Scout contains insufficient output escaping of attachment names
Scout is a web-based visualizer for VCF files. Due to the lack of sanitization in the filename, it is possible to bypass the intended file extension and make users download malicious files with any extension. With malicious content injected inside the file data and users unknowingly downloading it and...
CVE-2024-47531 Scout contains insufficient output escaping of attachment names
Scout is a web-based visualizer for VCF files. Due to the lack of sanitization in the filename, it is possible to bypass the intended file extension and make users download malicious files with any extension. With malicious content injected inside the file data and users unknowingly downloading it and...
CVE-2024-47531 Scout contains insufficient output escaping of attachment names
Scout is a web-based visualizer for VCF files. Due to the lack of sanitization in the filename, it is possible to bypass the intended file extension and make users download malicious files with any extension. With malicious content injected inside the file data and users unknowingly downloading it and...
CVE-2024-47530 Scout contains an Open Redirect on Login via `next`
Scout is a web-based visualizer for VCF files. An open redirect vulnerability allows phishing attacks on users by redirecting them to a malicious page. The /login API endpoint is vulnerable to an open redirect attack via the next parameter due to the absence of sanitization logic. Additionally, due to lac...
CVE-2024-47530
CVE-2024-47530 affects gstreamer-plugins-good in SUSE open advisories. The connected documents specify the vulnerability as an uninitialized stack memory issue in the Matroska/WebM demuxer, with multiple SUSE advisories (SUSE-SU-2025:0063-1, SUSE-SU-2025:0064-1, SUSE-SU-2025:0067-1) listing this ...
PT-2024-32645 · Scout · Scout
Name of the Vulnerable Software and Affected Versions: Scout versions prior to 4.89. Description: The issue arises from the lack of sanitization in filenames, allowing bypass of intended file extensions. This enables the download of malicious files with any extension. If users unknowingly download...
Malicious code in logs-visualizer (RubyGems)
MAL-2024-6979 Malicious code in logs-visualizer (RubyGems)
Visualizer < 3.11.2 - Authenticated (Subscriber+) SQL Injection
Description: The Visualizer: Tables and Charts Manager for WordPress plugin for WordPress is vulnerable to SQL Injection via the saveQuery function in all versions up to, and including, 3.11.1 due to a missing capability check on a function that runs SQL Queries. This makes it possible for...
CVE-2024-35736
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle Visualizer. This issue affects Visualizer: from n/a through 3.11.1...
CVE-2024-35736
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle Visualizer. This issue affects Visualizer: from n/a through 3.11.1...
CVE-2024-35736 WordPress Visualizer plugin <= 3.11.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle Visualizer. This issue affects Visualizer: from n/a through 3.11.1...
CVE-2024-35736 WordPress Visualizer plugin <= 3.11.1 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Themeisle Visualizer. This issue affects Visualizer: from n/a through 3.11.1...
CVE-2024-35736
CVE-2024-35736 concerns Themeisle Visualizer (Visualizer: Tables and Charts Manager for WordPress). A SQL Injection was reported due to improper neutralization of special elements in the plugin, affecting Visualizer: from n/a through 3.11.1. The linked data shows a CVSS base score of 8.8 (high) w...
WordPress plugin Visualizer SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...
Fedora: Security Advisory for rust-elfcat (FEDORA-2024-40ee18b2e7)
The remote host is missing an update for the...
WordPress Visualizer plugin <= 3.11.1 - SQL Injection vulnerability
SQL Injection vulnerability discovered by Trương Hữu Phúc (Patchstack Alliance) in WordPress Plugin Visualizer (versions <= 3.11.1)...
WordPress Visualizer Plugin <= 3.11.1 is vulnerable to SQL Injection
Software: Visualizer; Type: Plugin; Vulnerable versions: <= 3.11.1; Fixed in: 3.11.2; OWASP Top 10: A3: Injection; Classification: SQL Injection; CVE: CVE-2024-35736; Patch priority: High; CVSS severity: High (8.5); PSID: a8a01c7cac74; Credits: Trương Hữu Phúc (truonghuuphuc); Required privilege...
[SECURITY] Fedora 39 Update: rust-elfcat-0.1.8-10.fc39
ELF visualizer. Generates HTML files from ELF binaries...