CVE-2023-43769

An issue was discovered in Couchbase Server through 7.1.4 before 7.1.5 and before 7.2.1. There are Unauthenticated RMI Service Ports Exposed in Analytics...

CVE-2023-43769

An issue was discovered in Couchbase Server through 7.1.4 before 7.1.5 and before 7.2.1. There are Unauthenticated RMI Service Ports Exposed in Analytics...

CVE-2023-43769

CVE-2023-43769 affects Couchbase Server up to 7.1.4 (before 7.1.5) and before 7.2.1. The issue is that unauthenticated RMI service ports are exposed in Analytics, enabling potential unauthorized access. The available sources consistently identify Analytics as the exposed interface and indicate th...

PT-2024-13137 · Couchbase · Couchbase Server

Name of the Vulnerable Software and Affected Versions: Couchbase Server versions through 7.1.4 before 7.1.5 and before 7.2.1 Description: An issue was discovered in Couchbase Server where Unauthenticated RMI Service Ports are Exposed in Analytics, posing a significant risk. This could allow an...

CVE-2023-30996

IBM Cognos Analytics 11.1.7, 11.2.4, and 12.0.0 could be vulnerable to information leakage due to unverified sources in messages sent between Windows objects of different origins. IBM X-Force ID: 254290...

CVE-2024-20913

Oracle BI Enterprise Edition (OBIEE) 12.2.1.4.0 is affected by a vulnerability in the BI Platform Security component due to insufficient input validation. An attacker with network access via HTTP and low privileges, requiring user interaction, can compromise data confidentiality and integrity—una...

CVE-2024-0250

The CVE-2024-0250 entry concerns the Analytics Insights for Google Analytics 4 (AIWP) WordPress plugin, prior to version 6.3. The issue is an Open Redirect caused by insufficient validation on the redirect file oauth2callback.php, enabling unauthenticated attackers to steer users to potentially m...

Advanced Page Visit Counter 1.0 - Admin+ Stored Cross-Site Scripting Vulnerability

Exploit Title: Advanced Page Visit Counter 1.0 - Admin+ Stored Cross-Site Scripting XSS Authenticated Exploit Author: Furkan ÖZER Software Link: https://wordpress.org/plugins/advanced-page-visit-counter/ Version: 8.0.5 Tested on: Kali-Linux,Windows10,Windows 11 CVE: N/A Description: Advanced Page...

Advanced Page Visit Counter 1.0 Cross Site Scripting

Exploit Title: Advanced Page Visit Counter 1.0 - Admin+ Stored Cross-Site Scripting XSS Authenticated Date: 11.10.2023 Exploit Author: Furkan ÖZER Software Link: https://wordpress.org/plugins/advanced-page-visit-counter/ Version: 8.0.5 Tested on: Kali-Linux,Windows10,Windows 11 CVE: N/A...

CVE-2024-20987

Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Web Server. The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks...

CVE-2023-52225

Deserialization of Untrusted Data vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...

Deserialization of untrusted data

Deserialization of Untrusted Data vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...

CVE-2023-52225

CVE-2023-52225 describes a deserialization of untrusted data vulnerability in the WordPress plugin Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics . Affected versions are listed as up to version 3.1 (n/a to 3.1); the root cause is improper deserialization of untrusted input...

GitLab 13.0 < 13.12.9 / 14.0 < 14.0.7 / 14.1 < 14.1.2 (CVE-2021-22247)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Improper authorization in GitLab CE/EE affecting all versions since 13.0 allows guests in private projects to view CI/CD analytics CVE-2021-22247 Note that Nessus has not tested for this issue but has...

CVE-2023-33214

Cross-Site Request Forgery CSRF vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...

CVE-2023-33214 WordPress Taggbox Plugin <= 3.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...

CVE-2023-33214 WordPress Taggbox Plugin <= 3.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1...

WordPress Burst Statistics - Privacy-Friendly Analytics for WordPress Plugin 1.4.x < 1.5.0 SQLi Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:burst-statistics:burststatistics"; if description...

CVE-2023-3517

Hitachi Vantara Pentaho Data Integration & Analytics versions before 9.5.0.1 and 9.3.0.5, including 8.3.x does not restrict JNDI identifiers during the creation of XActions, allowing control of system level data sources...