931 matches found
WordPress plugin Beaver Builder – WordPress Page Builder 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Beaver Builder - A...
WordPress plugin Beaver Builder 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin Beaver Builder - A...
WordPress plugin WP-UserOnline 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress plugin Simple Banner 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
The vulnerability of the Kubernetes cluster deployment and management software Weave GitOps Enterprise, related to the lack of measures for cleaning input data, allows an attacker to execute XSS attacks.
The vulnerability of the Kubernetes Weave GitOps Enterprise deployment and cluster management software is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a remote attacker to carry out XSS attacks using a specially created link...
The susceptibility of the microprogramming software of the iSTAR Ultra controller, related to the failure to take measures for data cleaning at the management level, allows the attacker to elevate their privileges to the root level.
The vulnerability of the iSTAR Ultra controller’s microprogramming software is related to the failure to take measures to clean data at the control level. Exploiting this vulnerability can allow an attacker, operating remotely, to elevate their privileges to the root level...
The vulnerability of the Ping_addr function in D-Link DIR810LA1FW102B22 microprogrammed router software allows a hacker to execute arbitrary code. [source-iocs-preserved const=DIR810LA1_FW102B22]
The vulnerability of the Pingaddr function in D-Link DIR810LA1FW102B22 microprogrammed router software is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code. source-iocs-preserved const=DIR810LA1FW102B2...
PT-2022-4568 · Gitlab · Gitlab Ce/Ee +1
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 11.10 through 15.1.6 GitLab CE/EE versions 15.2 through 15.2.4 GitLab CE/EE versions 15.3 through 15.3.2 Description: A vulnerability in GitLab CE/EE allows an authenticated user to achieve remote code execution via the...
The vulnerability of the mySCADA myPRO system for visualizing and controlling industrial processes, related to the lack of measures for cleaning input data, allows a intruder to execute arbitrary commands.
The vulnerability of the mySCADA myPRO industrial process visualization and control system is related to the lack of measures for cleaning incoming data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the Outbyte PC Repair program for cleaning temporary files and checking security settings is related to an uncontrolled search path element, allowing attackers to increase their privileges.
The vulnerability of Outbyte PC Repair’s file cleaning and security settings checking function is related to an uncontrolled search path element. Exploiting this vulnerability can allow attackers to enhance their privileges...
OPENSUSE-SU-2022:10091-1 Security update for canna
This update for canna fixes the following issues: - CVE-2022-21950: Move UNIX socket dir from /tmp to /run to avoid local attackers being able to place bogus directories in its stead. Use systemd-tmpfiles for cleaning old sockets boo1199280...
WordPress plugin Contact Form DB 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
HCL Leap 安全漏洞
HCL Leap is a low-code development platform from HCL India. HCL Leap suffers from a security vulnerability that stems from improper cleaning of SVG files, leading to client-side script injection in deployed applications...
Vulnerabilities of microprogramming software for Siemens STEP 7 programmable logic controllers, systems for manufacturing process control such as Opcenter Execution Discrete, Opcenter Execution Process, Opcenter Execution Foundation, Opcenter Intelligence, Opcenter Quality, SIMATIC IT Production Suite, the system diagnostic tool SIMOCODE ES, the software for parameterizing, diagnosing, and documenting device startup data (SIRIUS Soft Starter ES), technological process control systems like SIMATIC PCS neo, the Opcenter RD&L software platform, and the software for analyzing equipment efficiency and key indicators SIMATIC IT LMS. These vulnerabilities may allow a intruder to trigger malfunctions during maintenance operations due to improper cleaning or resource release.
The vulnerabilities of the microprogramming software for Siemens STEP 7 programmable logic controllers, the systems for managing production processes such as Opcenter Execution Discrete, Opcenter Execution Process, Opcenter Execution Foundation, Opcenter Intelligence, Opcenter Quality, SIMATIC IT...
The vulnerability of the implementation of automatic login for mobile devices in the virtual training environment Moodle allows a hacker to carry out a phishing attack and expose the protected information.
The vulnerability of the automatic login function in the Moodle virtual training system for mobile devices is related to improper cleaning of user data. Exploiting this vulnerability allows a malicious actor to carry out a phishing attack and disclose sensitive information through a specially...
cleanestcleaningaustralia.com.au Cross Site Scripting vulnerability OBB-2829912
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
The vulnerability of the SAP Business One resource management system allows a perpetrator to execute arbitrary codes.
The vulnerability of the SAP Business One resource management system is related to insufficient cleaning of special elements in the output data used by the incoming component. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
WordPress plugin Popup 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...
WordPress plugin Flexi Quote Rotator 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress plugin Invitation Based Registrations 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in...