1178 matches found

Source: OSV · added 2024/03/06 11:14 a.m. · 13 views

BIT-GITLAB-2022-3060

Improper control of a resource identifier in Error Tracking in GitLab CE/EE affecting all versions from 12.7 allows an authenticated attacker to generate content which could cause a victim to make unintended arbitrary requests...

CVSS 7.3 · AI score 6.8 · EPSS 0.00445 · Exploits 0 · References 4

Source: Vulnrichment · added 2024/03/05 1:56 a.m. · 10 views

CVE-2024-1731 Auto Refresh Single Page <= 1.1 - Authenticated (Contributor+) PHP Object Injection

The Auto Refresh Single Page plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.1 via deserialization of untrusted input from the arspoptions post meta option. This makes it possible for authenticated attackers, with contributor-level access and...

CVSS 8.8 · AI score 7.4 · EPSS 0.01241 · Exploits 0 · References 2

Source: OSV · added 2024/02/29 1:43 a.m. · 1 view

CVE-2024-1172

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Accordion widget in all versions up to, and including, 5.9.8 due to insufficient input sanitization and output...

CVSS 5.4 · AI score 6.8 · Exploits 0 · References 4

Source: WPVulnDB · added 2024/02/28 12:00 a.m. · 13 views

Slivery Extender <= 1.0.2 - Authenticated (Contributor+) Remote Code Execution via shortcode

Description: The Slivery Extender plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0.2 via the 'sliderthemesection' function. This is due to the use of call_user_func on one of the shortcode attributes. This makes it possible for authenticated...

CVSS 8.5 · AI score 7.9 · EPSS 0.01009 · Exploits 0 · References 1

Source: Positive Technologies · added 2024/02/26 12:00 a.m. · 3 views

PT-2024-19477 · Linksys · Linksys Router E1700

Name of the Vulnerable Software and Affected Versions: Linksys Router E1700 version 1.0.04 build 3
Description: An issue was discovered in the Linksys Router E1700, allowing authenticated attackers to execute arbitrary code via the setDateTime function.
Recommendations: For Linksys Router E1700...

CVSS 8 · AI score 7.9 · EPSS 0.0277 · Exploits 1 · References 5

Source: WPVulnDB · added 2024/02/23 12:00 a.m. · 17 views

Brizy – Page Builder < 2.4.41 - Authenticated (Contributor+) Arbitrary File Upload

Description: The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the storeImages function in all versions up to, and including, 2.4.40. This makes it possible for authenticated attackers, with contributor access or above, to...

CVSS 8.8 · AI score 8 · EPSS 0.09631 · Exploits 0 · References 1 · Affected Software 1

Source: WPVulnDB · added 2024/02/21 12:00 a.m. · 16 views

Academy LMS – eLearning and online course solution for WordPress < 1.9.20 - Authenticated (Subscriber+) Privilege Escalation

Description: The Academy LMS – eLearning and online course solution for WordPress plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.9.19. This is due to the plugin allowing arbitrary user meta updates through the saveduserinfo function. This makes it...

CVSS 8.8 · AI score 7.1 · EPSS 0.00176 · Exploits 0 · References 1 · Affected Software 1

Source: CVE · added 2024/02/12 6:23 p.m. · 57 views

CVE-2024-0167

Dell Unity (unified hybrid storage array) is affected by CVE-2024-0167 prior to version 5.4. The vulnerability is an OS command injection in the svc_topstats utility that an authenticated, local attacker can exploit to overwrite arbitrary files on the filesystem with root privileges. Impact is hi...

CVSS 7.8 · AI score 7.7 · EPSS 0.00364 · Exploits 0 · References 1 · Affected Software 1

Source: Vulnrichment · added 2024/02/12 6:20 p.m. · 13 views

CVE-2024-0168

Dell Unity, versions prior to 5.4, contains a Command Injection Vulnerability in the svcoscheck utility. An authenticated attacker could potentially exploit this vulnerability, leading to the ability to inject arbitrary operating system commands. This vulnerability allows an authenticated attacker to...

CVSS 7.8 · AI score 7.8 · EPSS 0.00233 · Exploits 0 · References 1

Source: GithubExploit · added 2024/01/11 5:14 p.m. · 44 views

Exploit for Code Injection in Oretnom23 Simple_Student_Attendance_System

CVE-2023-51801 Simple Student Attendance System v.1.0 - Mult...

CVSS 9.8 · AI score 10 · EPSS 0.07195 · Exploits 2

Source: OSV · added 2024/01/11 9:15 a.m. · 6 views

CVE-2023-6994

The List category posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'catlist' shortcode in all versions up to, and including, 0.89.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVSS 5.4 · AI score 5.7 · Exploits 0 · References 4

Source: Cvelist · added 2024/01/10 5:48 p.m. · 14 views

CVE-2023-37932

An improper limitation of a pathname to a restricted directory ('path traversal') vulnerability (CWE-22) in FortiVoiceEntreprise version 7.0.0 and before 6.4.7 allows an authenticated attacker to read arbitrary files from the system via sending crafted HTTP or HTTPS requests...

CVSS 6.5 · AI score 6.5 · EPSS 0.00484 · Exploits 0 · References 1

Source: WPVulnDB · added 2024/01/04 12:00 a.m. · 17 views

Icegram < 3.1.20 - Authenticated (Contributor+) Stored Cross-Site Scripting via Campaign Message

Description: The Icegram plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the campaign message field in versions up to, and including, 3.1.19 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level...

CVSS 6.5 · AI score 5.9 · EPSS 0.00077 · Exploits 0 · References 1 · Affected Software 1

Source: WPVulnDB · added 2023/12/08 12:00 a.m. · 14 views

MSync <= 1.0.0 - Authenticated (Administrator+) SQL Injection

Description: The MSync plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with...

CVSS 9.1 · AI score 6.9 · EPSS 0.00139 · Exploits 0 · References 1

Source: NVD · added 2023/12/07 6:15 a.m. · 16 views

CVE-2023-46857

Squidex before 7.9.0 allows XSS via an SVG document to the Upload Assets feature. This occurs because there is an incomplete blacklist in the SVG inspection, allowing JavaScript in the SRC attribute of an IFRAME element. An authenticated attacker with assets.create permission is required for...

CVSS 5.4 · EPSS 0.00734 · Exploits 1 · References 3

Source: Prion · added 2023/12/07 6:15 a.m. · 11 views

Design/Logic Flaw

Squidex before 7.9.0 allows XSS via an SVG document to the Upload Assets feature. This occurs because there is an incomplete blacklist in the SVG inspection, allowing JavaScript in the SRC attribute of an IFRAME element. An authenticated attacker with assets.create permission is required for...

CVSS 4.9 · AI score 5.9 · EPSS 0.00734 · Exploits 1 · References 3 · Affected Software 1

Source: Vulnrichment · added 2023/12/06 5:00 a.m. · 1 view

CVE-2023-22522

This Template Injection vulnerability allows an authenticated attacker, including one with anonymous access, to inject unsafe user input into a Confluence page. Using this approach, an attacker is able to achieve Remote Code Execution (RCE) on an affected instance. Publicly accessible Confluence Da...

CVSS 9 · AI score 5.7 · EPSS 0.16199 · Exploits 0 · References 2

Source: WPVulnDB · added 2023/11/23 12:00 a.m. · 15 views

Image horizontal reel scroll slideshow < 13.3 - Authenticated (Subscriber+) SQL Injection via Shortcode

Description: The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 13.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. Th...

CVSS 8.8 · AI score 9.6 · EPSS 0.09758 · Exploits 2 · References 1 · Affected Software 1

Source: WPVulnDB · added 2023/11/23 12:00 a.m. · 22 views

Up down image slideshow gallery < 12.1 - Authenticated (Subscriber+) SQL Injection via Shortcode

Description: The Up down image slideshow gallery plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This make...

CVSS 8.8 · AI score 9.6 · EPSS 0.003 · Exploits 1 · References 1 · Affected Software 1

Source: WPVulnDB · added 2023/11/23 12:00 a.m. · 19 views

ANAC XML Bandi di Gara <= 7.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode

Description: The ANAC XML Bandi di Gara plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 7.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVSS 6.5 · AI score 6 · EPSS 0.0009 · Exploits 0 · References 1