AMD Secure Processor 安全漏洞

The AMD Secure Processor is an independent ARM Coretex-A5 chip developed by the American semiconductor company AMD. The AMD Secure Processor has a security vulnerability that stems from improper parameter handling, which may allow for the execution of arbitrary code...

Android-Hacking

Android-Hacking By joaostack & 0xreip\ Translations by...

EUVD-2019-6435

Malware in sbrugna...

EUVD-2019-5217

Malware in sbrugna...

EUVD-2019-5215

Malware in sbrugna...

WordPress StoreKeeper for WooCommerce Plugin <= 14.4.4 - Arbitrary File Upload Vulnerability

Arbitrary File Upload Vulnerability discovered by theviper17 in WordPress Plugin StoreKeeper for WooCommerce versions = 14.4.4...

CVE-2024-13226

The A5 Custom Login Page WordPress plugin through 2.8.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2019-15434

The Samsung A5 Android device with a build fingerprint of samsung/a5y17ltexx/a5y17lte:8.0.0/R16NW/A520FXXS8CSC5:user/release-keys contains a pre-installed app with a package name of com.samsung.android.themecenter app versionCode=7000000, versionName=7.0.0.0 that allows other pre-installed apps t...

CVE-2019-13950

index.php?c=admin=index in SyGuestBook A5 Version 1.2 has stored XSS via a reply to a comment...

CVE-2019-13948

SyGuestBook A5 Version 1.2 allows stored XSS because the isValidData function in include/functions.php does not properly block XSS payloads, as demonstrated by a crafted use of the onerror attribute of an IMG element...

WordPress WP Mapa Politico España plugin <= 3.8.0 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross Site Request Forgery CSRF to Settings Change vulnerability discovered by Chu The Anh Blue Rock in WordPress Plugin WP Mapa Politico España versions = 3.8.0...

WordPress QuadMenu plugin <= 3.2.0 - Cross-Site Request Forgery to Limited User Meta Update vulnerability

Cross-Site Request Forgery to Limited User Meta Update vulnerability discovered by Peter Thaleikis in WordPress Plugin QuadMenu versions = 3.2.0...

WordPress A5 Custom Login Page plugin <= 2.8.1 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin A5 Custom Login Page versions = 2.8.1...

CVE-2024-13226 A5 Custom Login Page <= 2.8.1 - Reflected XSS

The A5 Custom Login Page WordPress plugin through 2.8.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-13226 A5 Custom Login Page <= 2.8.1 - Reflected XSS

The A5 Custom Login Page WordPress plugin through 2.8.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

CVE-2024-13226

CVE-2024-13226 affects the A5 Custom Login Page WordPress plugin (versions up to 2.8.1). The vulnerability is a reflected cross-site scripting (XSS) caused by insufficient sanitization/escaping of a parameter before it is echoed in the login page. Impact: potential execution of scripts in the con...

PT-2025-2080

Name of the Vulnerable Software and Affected Versions A5 Custom Login Page WordPress plugin versions 2.8.1 and earlier Description The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly sanitised and escaped before being outputted back in t...

WordPress Customer Reviews for WooCommerce Plugin <= 5.61.0 is vulnerable to Broken Access Control

Software Customer Reviews for WooCommerce Type Plugin Vulnerable versions = 5.61.0 Fixed in 5.62.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10614 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID ce10b4d9cbd7 Credits incognito...

WordPress Simple Local Avatars Plugin <= 2.7.11 is vulnerable to Broken Access Control

Software Simple Local Avatars Type Plugin Vulnerable versions = 2.7.11 Fixed in 2.8.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10786 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 717b24faeea4 Credits Trương Hữu Phúc...

WordPress Video Gallery for WooCommerce Plugin <= 1.31 is vulnerable to Broken Access Control

Software Video Gallery for WooCommerce Type Plugin Vulnerable versions = 1.31 Fixed in 1.32 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-10535 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID fc5201d78d06 Credits incognito Require...