888 matches found

Vulnrichment
added 2024/11/06 2:54 p.m. · 19 views

CVE-2024-6861 Foreman: foreman: oauth secret exposure via unauthenticated access to the graphql api

A disclosure of sensitive information flaw was found in foreman via the GraphQL API. If the introspection feature is enabled, it is possible for attackers to retrieve sensitive admin authentication keys which could result in a compromise of the entire product's API...

CVSS 7.5 · AI score 6.5 · EPSS 0.00658
Exploits 0 · References 5
Positive Technologies
added 2024/11/05 12:00 a.m. · 3 views

PT-2025-11653

Name of the Vulnerable Software and Affected Versions: Synology DiskStation Manager (DSM) versions prior to 7.1.1-42962-8; versions prior to 7.2.1-69057-7; versions prior to 7.2.2-72806-3. Description: The issue is related to improper...

CVSS 7.6 · AI score 6.7 · EPSS 0.00237
Exploits 0 · References 12
GithubExploit
added 2024/10/27 8:21 p.m. · 144 views

Exploit for Unrestricted Upload of File with Dangerous Type in Pluck-Cms Pluck

CVE-2023-50564 - Pluck CMS v4.7.18 Remote Code Execution (RCE)...

CVSS 8.8 · AI score 9.5 · EPSS 0.29069
Exploits 11
ATTACKERKB
added 2024/10/25 5:15 p.m. · 1 view

CVE-2022-30356

OvalEdge 5.2.8.0 and earlier is affected by a Privilege Escalation vulnerability via a POST request to /user/assignuserrole via the userid and role parameters. Authentication is required with OEADMIN role privilege...

CVSS 8.8 · AI score 5.8 · EPSS 0.00365
Exploits 1 · References 2
RedhatCVE
added 2024/10/09 1:12 a.m. · 19 views

CVE-2024-6861

A disclosure of sensitive information flaw was found in foreman via the GraphQL API. If the introspection feature is enabled, it is possible for attackers to retrieve sensitive admin authentication keys which could result in a compromise of the entire product's API. Mitigation: To mitigate this...

CVSS 7.5 · AI score 6.8 · EPSS 0.00658
Exploits 0 · References 5
Positive Technologies
added 2024/09/23 12:00 a.m. · 3 views

PT-2024-11528 · WordPress · Easy Digital Downloads

Name of the Vulnerable Software and Affected Versions: Easy Digital Downloads – Simple eCommerce for Selling Digital Files plugin for WordPress, versions up to, and including, 3.3.3. Description: The issue concerns deserialization of untrusted input via the uploadfile parameter. This allows...

CVSS 7.2 · AI score 7.4 · EPSS 0.00671
Exploits 0 · References 9
The Hacker News
added 2024/09/20 4:18 a.m. · 30 views

Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks

Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance (CSA) has come under active exploitation in the wild. The new vulnerability, assigned the CVE identifier CVE-2024-8963, carries a CVSS score of 9.4 out of a maximum of 10.0. It was "incidentally addressed" by the...

CVSS 9.4 · AI score 8.7 · EPSS 0.98411
Exploits 3
GithubExploit
added 2024/09/19 2:12 p.m. · 77 views

Exploit for Cross-Site Request Forgery (CSRF) in Creativeitem Academy_Lms

CVE-2022-47131 Academy LMS = 5.10 CSRF / XSS Descriptio...

CVSS 4.8 · AI score 6.3 · EPSS 0.00408
Exploits 2
OSV
added 2024/09/17 6:15 a.m. · 1 view

CVE-2024-8091

The Enhanced Search Box WordPress plugin through 0.6.1 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack...

CVSS 6.5 · AI score 5.8 · EPSS 0.00185
Exploits 1 · References 1
Packet Storm
added 2024/08/31 12:00 a.m. · 308 views

Allegro Software RomPager Misfortune Cookie (CVE-2014-9222) Authentication Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Allegro Software RomPager 'Misfortune Cookie' CVE-2014-9222 Authentication Bypass", 'Description' = %q This module exploits HTTP servers that...

CVSS 10 · AI score 7 · EPSS 0.63498
Exploits 12
OSV
added 2024/08/22 7:15 p.m. · 1 view

CVE-2024-39717

The Versa Director GUI provides an option to customize the look and feel of the user interface. This option is only available for a user logged in with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin. Tenant level users do not have this privilege. The “Change Favicon” (Favorite Icon)...

CVSS 7.2 · AI score 5.8 · EPSS 0.04006
Exploits 1 · References 2
Positive Technologies
added 2024/08/06 12:00 a.m. · 6 views

PT-2024-38375 · WordPress · Crm Perks Forms

Name of the Vulnerable Software and Affected Versions: CRM Perks Forms plugin for WordPress versions up to, and including, 1.1.3 Description: The issue is related to arbitrary file uploads due to insufficient file validation on the handle uploaded files function. This allows authenticated attacke...

CVSS 7.2 · AI score 7.8 · EPSS 0.0093
Exploits 0 · References 7
OSV
added 2024/08/01 7:15 a.m. · 3 views

CVE-2024-5678

Zohocorp ManageEngine Applications Manager versions 170900 and below are vulnerable to the authenticated admin-only SQL Injection in the Create Monitor feature...

CVSS 4.7 · AI score 5.8 · EPSS 0.0255
Exploits 0 · References 1
CNNVD
added 2024/06/14 12:00 a.m. · 3 views

Toshiba e-STUDIO Security Vulnerability

Toshiba e-STUDIO is a series of high-end office multifunction printers from Toshiba Japan. A security vulnerability exists in Toshiba e-STUDIO that originates from an administrator authentication process that can be bypassed to access multifunction device system information and web pages for...

CVSS 8.8 · AI score 6.7 · EPSS 0.00705
Exploits 0 · References 4
OSV
added 2024/06/05 4:45 p.m. · 3 views

DRUPAL-CONTRIB-2024-025

Acquia DAM provides a connection to a third-party asset management system, allowing for images to be managed, linked to, and viewed from Drupal. In order for assets to be managed in Drupal, a site administrator must first authenticate the site to their DAM instance. The module doesn't sufficientl...

CVSS 3.5 · AI score 6.6 · EPSS 0.0014
Exploits 0 · References 1
OSV
added 2024/05/15 6:15 a.m. · 2 views

CVE-2024-3406

The WP Prayer WordPress plugin through 2.0.9 does not have a CSRF check in place when updating its email settings, which could allow attackers to make a logged-in admin change them via a CSRF attack...

CVSS 8.8 · AI score 5.8 · EPSS 0.0035
Exploits 2 · References 1
Veracode
added 2024/04/30 11:33 a.m. · 21 views

Sensitive Information Exposure

RhodeCode and Kallithea are vulnerable to Sensitive Information Exposure. The vulnerability is due to a lack of admin authentication, which allows remote users to obtain API keys and other sensitive information via the getrepo API method...

CVSS 4 · AI score 6.9 · EPSS 0.01207
Exploits 1 · References 5 · Affected Software 2
Positive Technologies
added 2024/03/29 12:00 a.m. · 4 views

PT-2024-22420 · Semcms · Semcms

Name of the Vulnerable Software and Affected Versions: SEMCMS version 4.8 Description: The issue arises from incorrect access control in the code, specifically where SEMCMS Funtion.php is installed before verifying the admin's validity on the admin page. This occurs because the authentication...

CVSS 7.2 · AI score 7.2 · EPSS 0.00801
Exploits 1 · References 7
CNNVD
added 2024/03/25 12:00 a.m. · 2 views

WordPress plugin easy-popup-show Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

CVSS 6.1 · AI score 5.1 · EPSS 0.00231
Exploits 0 · References 4
Vulnrichment
added 2024/03/14 3:08 a.m. · 12 views

CVE-2024-1882 Server-side resource injection in PaperCut NG/MF

This vulnerability allows an already authenticated admin user to create a malicious payload that could be leveraged for remote code execution on the server hosting the PaperCut NG/MF application server...

CVSS 7.2 · AI score 7.2 · EPSS 0.01411
Exploits 0 · References 1