33 matches found
EUVD-2021-11402
Malware in sbrugna...
Malicious code in artillery-engine-spark (npm)
The package artillery-engine-spark was found to contain malicious code...
MAL-2025-43516 Malicious code in artillery-engine-spark (npm)
The package artillery-engine-spark was found to contain malicious code...
CVE-2021-24490
The Email Artillery (MASS EMAIL) WordPress plugin through 4.1 does not properly check the uploaded files from the Import Emails feature, allowing arbitrary files to be uploaded. Furthermore, the plugin is also lacking any CSRF check, allowing such issue to be exploited via a CSRF attack as well...
CVE-2024-46539
Insecure permissions in the Bluetooth Low Energy (BLE) component of Fire-Boltt Artillery Smart Watch NJ-R6E-10.3 allow attackers to cause a Denial of Service (DoS)...
CVE-2024-46539
Insecure permissions in the Bluetooth Low Energy (BLE) component of Fire-Boltt Artillery Smart Watch NJ-R6E-10.3 allow attackers to cause a Denial of Service (DoS)...
Fire Boltt Artillery Smart Watch NJ-R6E security vulnerability
Fire Boltt Artillery Smart Watch NJ-R6E is a smart watch from Fire Boltt. A security vulnerability exists in the Fire Boltt Artillery Smart Watch NJ-R6E-10.3 version, which stems from an insecure privilege issue contained in the low-power Bluetooth (BLE) component that could result in denial of...
CVE-2024-46539
Insecure permissions in the Bluetooth Low Energy (BLE) component of Fire-Boltt Artillery Smart Watch NJ-R6E-10.3 allow attackers to cause a Denial of Service (DoS)...
CVE-2024-46539
CVE-2024-46539 maps to insecure permissions in the BLE component of Fire-Boltt Artillery Smart Watch NJ-R6E-10.3, enabling a nearby attacker to trigger a DoS due to BLE privilege issues. Root cause: insecure BLE permissions; impact: DoS with adjacent attack vector. A temporary workaround mentione...
PT-2024-7294 · Fireboltt · Fire-Boltt Artillery Smart Watch
Name of the Vulnerable Software and Affected Versions: Fire-Boltt Artillery Smart Watch NJ-R6E-10.3. Description: The issue is related to insecure permissions in the Bluetooth Low Energy (BLE) component, which can be exploited to cause a Denial of Service (DoS). This may allow an attacker to disconnec...
artillery.onlineheadquarters.net Cross Site Scripting vulnerability OBB-3722716
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
artillery-core (>=0.1.2 <=0.1.2-alpha.3), bastion (>=0.3.5 <=0.4.5) +77 more potentially affected by CVE-2022-23486 via libp2p (>=0.18.1 <=0.42.2)
libp2p CARGO version =0.18.1, =0.1.2, =0.3.5, =0.1.0, =0.7.0, =0.0.7, =0.1.1, =0.1.1, =2.0.0-alpha.3, =0.4.0, =0.2.0, =0.20.0, =0.22.4 and more Source cves: CVE-2022-23486 Source advisory: OSV:RUSTSEC-2022-0084...
CVE-2021-24490
The Email Artillery (MASS EMAIL) WordPress plugin through 4.1 does not properly check the uploaded files from the Import Emails feature, allowing arbitrary files to be uploaded. Furthermore, the plugin is also lacking any CSRF check, allowing such issue to be exploited via a CSRF attack as well...
CVE-2021-24490
The Email Artillery (MASS EMAIL) WordPress plugin through 4.1 does not properly check the uploaded files from the Import Emails feature, allowing arbitrary files to be uploaded. Furthermore, the plugin is also lacking any CSRF check, allowing such issue to be exploited via a CSRF attack as well...
Cross-site request forgery (CSRF)
The Email Artillery (MASS EMAIL) WordPress plugin through 4.1 does not properly check the uploaded files from the Import Emails feature, allowing arbitrary files to be uploaded. Furthermore, the plugin is also lacking any CSRF check, allowing such issue to be exploited via a CSRF attack as well...
CVE-2021-24490 Email Artillery <= 4.1 - Arbitrary File Upload
The Email Artillery (MASS EMAIL) WordPress plugin through 4.1 does not properly check the uploaded files from the Import Emails feature, allowing arbitrary files to be uploaded. Furthermore, the plugin is also lacking any CSRF check, allowing such issue to be exploited via a CSRF attack as well...
CVE-2021-24490
The CVE-2021-24490 entry concerns the WordPress plugin Email Artillery (MASS EMAIL) up to version 4.1, where the Import Emails feature allows arbitrary file uploads due to improper validation and also lacks CSRF protection. The root cause is failure to properly check uploaded files and the absenc...
WordPress plugin code issue vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports personal blog sites on PHP and MySQL servers. A code issue vulnerability exists in the WordPress plugin that stems from the Email Artillery (MASS EMAIL) plugin...
artillery-core (>=0.1.2 <=0.1.2-alpha.3), bastion (>=0.3.5 <=0.4.5) +489 more potentially affected by CVE-2021-38195 via libsecp256k1 (>=0.1.3 <=0.3.5)
libsecp256k1 CARGO version =0.1.3, =0.1.2, =0.3.5, =0.1.0, =0.1.1, =0.7.0, =0.1.0, =0.2.0, =1.0.0, =0.7.0, =0.8.2 and more Source cves: CVE-2021-38195 Source advisory: OSV:GHSA-G4VJ-X7V9-H82M...
Email Artillery <= 4.1 - Multiple Authenticated SQL Injections
The plugin does not sanitise, validate or escape some user input before using it in SQL statements in the admin dashboard, leading to SQL Injections. PoC: https://example.com/wp-admin/admin.php?page=etmbu-all-posts=yesid=1%20AND%20SELECT%2042%20FROM%20SELECTSLEEP5aa...