25 matches found
CVE-2023-50872
The API in Accredible Credential.net December 6th, 2023 allows an Insecure Direct Object Reference attack that discloses partial information about certificates and their respective holder. NOTE: the excellium-services.com web page about this issue mentions "Vendor says that it's not a security...
CVE-2023-50827
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Accredible Accredible Certificates & Open Badges allows Stored XSS.This issue affects Accredible Certificates & Open Badges: from n/a through 1.4.8...
EUVD-2025-10489
Malicious code in bioql PyPI...
EUVD-2023-55605
Malicious code in bioql PyPI...
EUVD-2023-55560
Malicious code in bioql PyPI...
CVE-2024-13909
The Accredible Certificates & Open Badges plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...
CVE-2024-13909
The CVE CVE-2024-13909 affects the Accredible Certificates & Open Badges WordPress plugin. It enables time-based SQL Injection through the orderby parameter in all versions up to 1.4.9 due to inadequate escaping and query construction, allowing authenticated Administrator+-level attackers to appe...
CVE-2024-13909 Accredible Certificates & Open Badges <= 1.4.9 - Authenticated (Administrator+) SQL Injection via orderby Parameter
The Accredible Certificates & Open Badges plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...
CVE-2024-13909 Accredible Certificates & Open Badges <= 1.4.9 - Authenticated (Administrator+) SQL Injection via orderby Parameter
The Accredible Certificates & Open Badges plugin for WordPress is vulnerable to time-based SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 1.4.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query...
WordPress plugin Accredible Certificates & Open Badges SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin Accredible Certificates & Ope...
Malicious code in accredible_api-ruby (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
CVE-2023-50872
The API in Accredible Credential.net December 6th, 2023 allows an Insecure Direct Object Reference attack that discloses partial information about certificates and their respective holder. NOTE: the excellium-services.com web page about this issue mentions "Vendor says that it's not a security...
CVE-2023-50872
The API in Accredible Credential.net December 6th, 2023 allows an Insecure Direct Object Reference attack that discloses partial information about certificates and their respective holder. NOTE: the excellium-services.com web page about this issue mentions "Vendor says that it's not a security...
CVE-2023-50872
CVE-2023-50872 affects Accredible Credential.net API. The vulnerability is an Insecure Direct Object Reference that discloses partial information about certificates and their holders. According to the CVSS details, it is a NETWORK-based issue with low attack complexity, no privileges required, an...
PT-2024-13985 · Accredible · Accredible Credential.Net
Name of the Vulnerable Software and Affected Versions: Accredible Credential.net affected versions not specified Description: The API in Accredible Credential.net allows an Insecure Direct Object Reference attack, which discloses partial information about certificates and their respective holders...
CVE-2023-50872
The API in Accredible Credential.net December 6th, 2023 allows an Insecure Direct Object Reference attack that discloses partial information about certificates and their respective holder. NOTE: the excellium-services.com web page about this issue mentions "Vendor says that it's not a security...
Accredible 安全漏洞
Accredible is a world-leading digital credentialing platform from Accredible, Inc. that provides digital badges and digital certificates. Accredible has a security vulnerability that stems from allowing an insecure direct object reference attack that can lead to information disclosure...
CVE-2023-50827
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Accredible Accredible Certificates & Open Badges allows Stored XSS.This issue affects Accredible Certificates & Open Badges: from n/a through 1.4.8...
CVE-2023-50827
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Accredible Accredible Certificates & Open Badges allows Stored XSS.This issue affects Accredible Certificates & Open Badges: from n/a through 1.4.8...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Accredible Accredible Certificates & Open Badges allows Stored XSS.This issue affects Accredible Certificates & Open Badges: from n/a through 1.4.8...