21 matches found
EUVD-2023-51937
Malicious code in bioql PyPI...
EUVD-2023-51938
Malicious code in bioql PyPI...
CVE-2023-47843
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Zachary Segal CataBlog. This issue affects CataBlog: from n/a through 1.7.0...
CVE-2023-47842
Unrestricted Upload of File with Dangerous Type vulnerability in Zachary Segal CataBlog. This issue affects CataBlog: from n/a through 1.7.0...
CVE-2023-47843
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Zachary Segal CataBlog. This issue affects CataBlog: from n/a through 1.7.0...
CVE-2023-47843 WordPress CataBlog Plugin <= 1.7.0 is vulnerable to Arbitrary File Deletion
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Zachary Segal CataBlog. This issue affects CataBlog: from n/a through 1.7.0...
WordPress Plugin CataBlog Path Traversal Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A path traversal...
CVE-2023-47842
Unrestricted Upload of File with Dangerous Type vulnerability in Zachary Segal CataBlog. This issue affects CataBlog: from n/a through 1.7.0...
CVE-2023-47842 WordPress CataBlog plugin <= 1.7.0 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Zachary Segal CataBlog. This issue affects CataBlog: from n/a through 1.7.0...
CVE-2023-47842 WordPress CataBlog plugin <= 1.7.0 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Zachary Segal CataBlog. This issue affects CataBlog: from n/a through 1.7.0...
CVE-2023-47842
CVE-2023-47842 concerns WordPress plugin CataBlog
WordPress Plugin CataBlog Code Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability exists i...
CataBlog <= 1.7.0 - Authenticated (Editor+) Arbitrary File Deletion
Description: The CataBlog plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 1.7.0. This makes it possible for authenticated attackers, with editor access or higher, to delete arbitrary files on the affected site's server which may make site takeover...
WordPress CataBlog Plugin <= 1.7.0 is vulnerable to Arbitrary File Upload
Software: CataBlog; Type: Plugin; Vulnerable versions: <= 1.7.0; Fixed in: N/A; OWASP Top 10: A3: Injection; Classification: Arbitrary File Upload; CVE: CVE-2023-47842; Patch priority: Medium; CVSS severity: Medium 9.1; PSID: ca3ef4e541ae; Credits: Rafie Muhammad Patchstack; Required privilege...
WordPress CataBlog Plugin <= 1.7.0 is vulnerable to Arbitrary File Deletion
Software: CataBlog; Type: Plugin; Vulnerable versions: <= 1.7.0; Fixed in: N/A; OWASP Top 10: A1: Broken Access Control; Classification: Arbitrary File Deletion; CVE: CVE-2023-47843; Patch priority: Medium; CVSS severity: Medium 7.6; PSID: 9a8041fb49de; Credits: Rafie Muhammad Patchstack...
Catablog <= 1.6 - Cross Site Scripting
The CataBlog WordPress plugin was affected by a Cross Site Scripting security vulnerability...
WordPress CataBlog Plugin 1.6 - Cross Site Scripting
WordPress CataBlog plugin is prone to a cross-site scripting vulnerability. It fails to properly clean up user-supplied input. An attacker may execute arbitrary script code in the browser of a user in the context of the affected site. In this way the attacker can steal cookie-based authenticatio...
WordPress Plugin CataBlog 1.6 - 'admin.php' Cross-Site Scripting
source: https://www.securityfocus.com/bid/53520/info CataBlog plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting use...
WordPress CataBlog 1.6 Cross Site Scripting
Hi. We have used our tool, THAPS, to identify vulnerabilities in this WordPress plugin. We have confirmed at least one of the reported vulnerabilities and created a working exploit located below. Attached is one or more log files containing the output of our tool, identifying the location of the...
WordPress Plugin CataBlog 1.6 - admin.php Cross-Site Scripting
WordPress Plugin CataBlog 1.6 - admin.php Cross-Site Scripting source: https://www.securityfocus.com/bid/53520/info CataBlog plugin for WordPress is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to...