
413 matches found

OSV
added 2024/03/06 10:56 a.m. · 18 views

BIT-AIRFLOW-2022-43985 Apache Airflow prior to 2.4.2 has an open redirect

In Apache Airflow versions prior to 2.4.2, there was an open redirect in the webserver's /confirm endpoint...

CVSS 6.1 · AI score 6 · EPSS 0.01494
Exploits: 0 · References: 3

Packet Storm
added 2024/02/24 12:0 a.m. · 262 views

SuperCali 1.1.0 Cross Site Scripting

Exploit Title: SuperCali Version : 1.1.0 - Reflected XSS Date: 2024-23-02 Exploit Author: tmrswrr Vendor Homepage: https://supercali.inforest.com Version : 1.1.0 Tested on: https://softaculous.com/demos/supercali 1 Go to admin login url : https://127.0.0.1/SuperCali/login.php 2 Write your payload...

AI score 7.4
Exploits: 0

NVD
added 2024/01/19 3:15 p.m. · 35 views

CVE-2022-40700

Server-Side Request Forgery (SSRF) vulnerability in Montonio Montonio for WooCommerce, Wpopal Wpopal Core Features, AMO for WP – Membership Management ArcStone wp-amo, Long Watch Studio WooVirtualWallet – A virtual wallet for WooCommerce, Long Watch Studio WooVIP – Membership plugin for WordPress a...

CVSS 9.8 · AI score 9 · EPSS 0.00999
Exploits: 0 · References: 15

Positive Technologies
added 2024/01/19 12:0 a.m. · 3 views

PT-2024-11631 · Agence Press · Css Adder By Agence-Press

Name of the Vulnerable Software and Affected Versions: Montonio for WooCommerce versions 6.0.1 and earlier Wpopal Core Features versions 1.5.8 and earlier ArcStone wp-amo versions 4.6.6 and earlier WooVirtualWallet – A virtual wallet for WooCommerce versions 2.2.1 and earlier WooVIP – Membership...

CVSS 9.8 · AI score 8.8 · EPSS 0.00999
Exploits: 0 · References: 19

Github Security Blog
added 2023/11/14 6:30 p.m. · 48 views

Bootbox.js Cross Site Scripting vulnerability

Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert, confirm, prompt functions...

CVSS 6.1 · AI score 6.8 · EPSS 0.01435
Exploits: 2 · References: 4 · Affected Software: 1

ATTACKERKB
added 2023/11/07 5:15 a.m. · 1 views

CVE-2023-46998

Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert, confirm, prompt functions...

CVSS 6.1 · AI score 6.2 · EPSS 0.01435
Exploits: 2 · References: 3

OSV
added 2023/11/07 5:15 a.m. · 2 views

DEBIAN-CVE-2023-46998

Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert, confirm, prompt functions...

CVSS 6.1 · AI score 6.7 · EPSS 0.01435
Exploits: 2 · References: 1

OSV
added 2023/11/07 5:15 a.m. · 24 views

CVE-2023-46998

Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert, confirm, prompt functions...

CVSS 6.1 · AI score 6.3 · EPSS 0.01435
Exploits: 2 · References: 2

UbuntuCve
added 2023/11/07 5:15 a.m. · 19 views

CVE-2023-46998

Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert, confirm, prompt functions...

CVSS 6.1 · AI score 6.9 · EPSS 0.01435
Exploits: 2 · References: 3

Prion
added 2023/11/07 5:15 a.m. · 20 views

Cross site scripting

Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert, confirm, prompt functions...

CVSS 5.8 · AI score 7.3 · EPSS 0.01435
Exploits: 2 · References: 2 · Affected Software: 1

OSV
added 2023/11/07 5:15 a.m. · 1 views

UBUNTU-CVE-2023-46998

Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert, confirm, prompt functions...

CVSS 6.1 · AI score 6.2 · EPSS 0.01435
Exploits: 2 · References: 4

Debian CVE
added 2023/11/07 12:0 a.m. · 17 views

CVE-2023-46998

Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert, confirm, prompt functions...

CVSS 6.1 · AI score 6.3 · EPSS 0.01435
Exploits: 2

OSV
added 2023/10/12 3:15 p.m. · 2 views

CVE-2023-32124

Cross-Site Request Forgery (CSRF) vulnerability in Arul Prasad J Publish Confirm Message plugin <= 1.3.1 versions...

CVSS 8.8 · AI score 7.3 · EPSS 0.00214
Exploits: 0 · References: 1

Prion
added 2023/10/12 3:15 p.m. · 11 views

Cross site request forgery (csrf)

Cross-Site Request Forgery (CSRF) vulnerability in Arul Prasad J Publish Confirm Message plugin <= 1.3.1 versions...

CVSS 6.8 · AI score 8.8 · EPSS 0.00214
Exploits: 0 · References: 1 · Affected Software: 1

CVE
added 2023/10/12 2:22 p.m. · 54 views

CVE-2023-32124

The CVE-2023-32124 entry describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Publish Confirm Message (author: Arul Prasad J) affecting versions

CVSS 8.8 · AI score 6.5 · EPSS 0.00214
Exploits: 0 · References: 1 · Affected Software: 1

Cvelist
added 2023/10/12 2:22 p.m. · 29 views

CVE-2023-32124 WordPress Publish Confirm Message Plugin <= 1.3.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in Arul Prasad J Publish Confirm Message plugin <= 1.3.1 versions...

CVSS 4.3 · AI score 9 · EPSS 0.00214
Exploits: 0 · References: 1

CNNVD
added 2023/10/12 12:0 a.m. · 2 views

WordPress Plugin Publish Confirm Message Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

CVSS 8.8 · AI score 6.7 · EPSS 0.00214
Exploits: 0 · References: 2

OSV
added 2023/10/05 6:15 p.m. · 3 views

CVE-2023-5423

A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/ajax.php?action=confirmorder. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely...

CVSS 9.8 · AI score 5.8 · EPSS 0.00409
Exploits: 0 · References: 2

Positive Technologies
added 2023/08/28 12:0 a.m. · 7 views

PT-2023-27056 · Unknown · Tvcmsvideotab

Name of the Vulnerable Software and Affected Versions: theme volty tvcmsvideotab versions up to 4.0.0 Description: The issue is a SQL injection vulnerability. It occurs via the component TvcmsVideoTabConfirmDeleteModuleFrontController::run. Recommendations: For versions up to 4.0.0, as a temporar...

CVSS 9.8 · AI score 9.6 · EPSS 0.00519
Exploits: 0 · References: 7

Packet Storm
added 2023/07/10 12:0 a.m. · 135 views

XOO DIGITAL 2.1.0 Cross Site Scripting

Title : XOO DIGITAL v2.1.0 XSS Vulnerability | Author : indoushka | Tested on : windows 10 Français V.Pro / browser : Mozilla firefox 68.032-bit | Vendor :...

AI score 7.1
Exploits: 0