44 matches found
CVE-2023-43121
A Directory Traversal vulnerability discovered in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, before 22.7, and before 31.7.2 allows attackers to read arbitrary files...
EUVD-2023-47538
Malicious code in bioql PyPI...
EUVD-2023-47541
Malicious code in bioql PyPI...
CVE-2023-43118
Cross Site Request Forgery CSRF vulnerability in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, fixed in 31.7.2 and 32.5.1.5 allows attackers to run arbitrary code and cause other unspecified impacts via /jsonrpc API...
CVE-2024-12586
The Chalet-Montagne.com Tools WordPress plugin through 2.7.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress Chalet Montagne Com Tools plugin <= 2.7.8 - Reflected XSS vulnerability
Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin Chalet-Montagne.com Tools versions = 2.7.8...
CVE-2024-12586
The Chalet-Montagne.com Tools WordPress plugin through 2.7.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-12586
The Chalet-Montagne.com Tools WordPress plugin through 2.7.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-12586 Chalet Montagne Com Tools <= 2.7.8 - Reflected XSS
The Chalet-Montagne.com Tools WordPress plugin through 2.7.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-12586 Chalet Montagne Com Tools <= 2.7.8 - Reflected XSS
The Chalet-Montagne.com Tools WordPress plugin through 2.7.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
WordPress plugin Chalet-Montagne.com Tools 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress...
PT-2025-6523 · WordPress · Chalet-Montagne.Com Tools
Name of the Vulnerable Software and Affected Versions: Chalet-Montagne.com Tools WordPress plugin versions 2.7.8 and earlier Description: The issue arises from the plugin not sanitizing and escaping a parameter before outputting it back in the page. This leads to a Reflected Cross-Site Scripting...
chaletluganersee.de Improper Access Control vulnerability OBB-3818126
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
chaletquattropalme.com Improper Access Control vulnerability OBB-3795484
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
CVE-2023-43121
A Directory Traversal vulnerability discovered in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, before 22.7, and before 31.7.2 allows attackers to read arbitrary files...
CVE-2023-43118
Cross Site Request Forgery CSRF vulnerability in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, fixed in 31.7.2 and 32.5.1.5 allows attackers to run arbitrary code and cause other unspecified impacts via /jsonrpc API...
CVE-2023-43121
A Directory Traversal vulnerability discovered in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, before 22.7, and before 31.7.2 allows attackers to read arbitrary files...
CVE-2023-43118
Cross Site Request Forgery CSRF vulnerability in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, fixed in 31.7.2 and 32.5.1.5 allows attackers to run arbitrary code and cause other unspecified impacts via /jsonrpc API...
CVE-2023-43118
Cross Site Request Forgery CSRF vulnerability in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, fixed in 31.7.2 and 32.5.1.5 allows attackers to run arbitrary code and cause other unspecified impacts via /jsonrpc API...
CVE-2023-43121
A Directory Traversal vulnerability discovered in Chalet application in Extreme Networks Switch Engine EXOS before 32.5.1.5, before 22.7, and before 31.7.2 allows attackers to read arbitrary files...