25 matches found
EUVD-2020-30287
Malware in sbrugna...
EUVD-2024-33813
Malicious code in bioql PyPI...
CVE-2020-9468
The Community plugin 2.9.e-beta for Piwigo allows users to set image information on images in albums for which they do not have permission, by manipulating the imageid parameter...
Obsidian Plugin Persistence
This module searches for Obsidian vaults for a user, and uploads a malicious community plugin to the vault. The vaults must be opened with community plugins enabled NOT restricted mode, but the plugin will be enabled automatically. Tested against Obsidian 1.7.7 on Kali, Ubuntu 22.04, and Windows...
WordPress plugin Community by PeepSo 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...
WordPress Community by PeepSo plugin <= 6.4.6.0 - Unauthenticated Full Path Disclosure vulnerability
Unauthenticated Full Path Disclosure vulnerability discovered by stealthcopter in WordPress Plugin Community by PeepSo versions = 6.4.6.0...
CVE-2023-27630 WordPress Community by PeepSo plugin <= 6.0.9.0 - Server Information Disclosure
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in PeepSo Community by PeepSo.This issue affects Community by PeepSo: from n/a through 6.0.9.0...
CVE-2024-22158
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PeepSo Community by PeepSo – Social Network, Membership, Registration, User Profiles allows Stored XSS.This issue affects Community by PeepSo – Social Network, Membership, Registration, User...
CVE-2023-25967 WordPress Community by PeepSo Plugin <= 6.0.2.0 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in PeepSo Community by PeepSo plugin = 6.0.2.0 versions...
PT-2023-20392 · Peepso · Peepso Community
Name of the Vulnerable Software and Affected Versions: PeepSo Community by PeepSo plugin versions 6.0.2.0 and earlier Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended...
Community Plugin Framework 跨站脚本漏洞
Community Plugin Framework is a plugin framework. A security vulnerability exists in Community Plugin Framework, which stems from an unknown function in the file core/src/main/java/pt/webdetails/cpf/packager/DependenciesPackage.java, where manipulation of the parameter baseUrl can lead to...
Community Input Validation Error Vulnerability
Piwigo is a Web-based open source photo gallery software. The software includes features such as image management, image categorization and permission management.Community is one of the plug-ins that support users to create albums and add photos. A security vulnerability exists in Community versi...
CVE-2020-9468
The Community plugin 2.9.e-beta for Piwigo allows users to set image information on images in albums for which they do not have permission, by manipulating the imageid parameter...
CVE-2020-9468
The Community plugin 2.9.e-beta for Piwigo allows users to set image information on images in albums for which they do not have permission, by manipulating the imageid parameter...
Design/Logic Flaw
The Community plugin 2.9.e-beta for Piwigo allows users to set image information on images in albums for which they do not have permission, by manipulating the imageid parameter...
CVE-2020-9468
The Community plugin 2.9.e-beta for Piwigo allows users to set image information on images in albums for which they do not have permission, by manipulating the imageid parameter...
CVE-2020-9468
The Community plugin 2.9.e-beta for Piwigo allows users to set image information on images in albums for which they do not have permission, by manipulating the imageid parameter...
CVE-2020-9468
The CVE-2020-9468 issue concerns the Community plugin 2.9.e-beta for Piwigo. Affected: the plugin’s image information handling, where an attacker can set image metadata on images in albums they lack permission for by manipulating the image_id parameter. Root cause appears to be a permission check...
CVE-2014-1980
Cross-site scripting XSS vulnerability in include/functionsmetadata.inc.php in Piwigo before 2.4.6 allows remote attackers to inject arbitrary web script or HTML via the Make field in IPTC Exif metadata within an image uploaded to the Community plugin...
CVE-2014-1980
Cross-site scripting XSS vulnerability in include/functionsmetadata.inc.php in Piwigo before 2.4.6 allows remote attackers to inject arbitrary web script or HTML via the Make field in IPTC Exif metadata within an image uploaded to the Community plugin...