17 matches found
CVE-2026-2832
The advisory concerns Samsung MultiXpress Multifunction Printers. The vulnerability is an information disclosure through certain APIs that may allow access to address book entries and other device configuration without proper authorization. Affected component: firmware on Samsung MultiXpress devi...
MAL-2025-185871 Malicious code in book-data-short-index-object (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 50c5c6f6d40efd3bef72387801d8203eac1923bd99c9bf12dc04fdb66c1ee20c This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-180011
Malicious code in book-data-short-index-object npm...
CVE-2022-1842
The OpenBook Book Data WordPress plugin through 3.5.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well...
CVE-2023-46327
Multiple MFPs multifunction printers provided by FUJIFILM Business Innovation Corp. and Xerox Corporation provide a facility to export the contents of their Address Book with encrypted form, but the encryption strength is insufficient. With the knowledge of the encryption process and the encrypti...
WordPress OpenBook Book Data plugin跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress OpenBook Book Data plugin version 3.5.2 and earlier versions are vulnerable to cross-site request...
CVE-2022-1842
The OpenBook Book Data WordPress plugin through 3.5.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well...
CVE-2022-1842
The OpenBook Book Data WordPress plugin through 3.5.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well...
CVE-2022-1842
The OpenBook Book Data WordPress plugin through 3.5.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well...
Cross site scripting
The OpenBook Book Data WordPress plugin through 3.5.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well...
CVE-2022-1842 OpenBook Book Data <= 3.5.2 - Arbitrary Settings Update to Stored XSS via CSRF
The OpenBook Book Data WordPress plugin through 3.5.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well...
CVE-2022-1842
CVE-2022-1842 affects the WordPress OpenBook Book Data plugin (versions
WordPress plugin OpenBook Book Data 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress OpenBook Book Data plugin version 3.5.2 and earlier versions are vulnerable to cross-site request...
WordPress OpenBook Book Data plugin <= 3.5.2 - Arbitrary Settings Update to Stored XSS via CSRF vulnerability
Arbitrary Settings Update to Stored XSS via CSRF vulnerability discovered by Daniel Ruf in WordPress OpenBook Book Data plugin versions = 3.5.2. Solution Deactivate and delete. This plugin has been closed as of May 24, 2022 and is not available for download. This closure is temporary, pending a...
OpenBook Book Data <= 3.5.2 - Arbitrary Settings Update to Stored XSS via CSRF
The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well PoC...
ex-NSA Hacker Discloses macOS Mojave 10.14 Zero-Day Vulnerability
The same day Apple released its latest macOS Mojave operating system, a security researcher demonstrated a potential way to bypass new privacy implementations in macOS using just a few lines of code and access sensitive user data. On Monday, Apple started rolling out its new macOS Mojave 10.14...
CVE-2016-1196
Cybozu Garoon 3.x and 4.x before 4.2.1 allows remote authenticated users to bypass intended access restrictions and obtain sensitive Address Book information via an API call, a different vulnerability than CVE-2015-7776...