35 matches found
EUVD-2014-1246
Malware in sbrugna...
EUVD-2006-2521
Malware in sbrugna...
EUVD-2022-35251
Malicious code in bioql PyPI...
CVE-2022-30037
XunRuiCMS v4.3.3 to v4.5.1 vulnerable to PHP file write and CMS PHP file inclusion, allows attackers to execute arbitrary php code, via the add function in cron.php...
BIT-WORDPRESS-2023-22622
WordPress through 6.1.1 depends on unpredictable client visits to cause wp-cron.php execution and the resulting security updates, and the source code describes "the scenario where a site may not receive enough visits to execute scheduled tasks in a timely manner," but neither the installation gui...
BIT-WORDPRESS-MULTISITE-2023-22622
WordPress through 6.1.1 depends on unpredictable client visits to cause wp-cron.php execution and the resulting security updates, and the source code describes "the scenario where a site may not receive enough visits to execute scheduled tasks in a timely manner," but neither the installation gui...
Nextcloud: xmlrpc.php &wp-cron.php files are enabled, and will used for (DDOS),(DOS) and broutforce users attack.
The xmlrpc.php and wp-cron.php files were found to be enabled on the target website, which could allow attackers to perform denial of service attacks. Username enumeration via the RSS generator identified several valid usernames. The xmlrpc.php file could be used to cause a DDOS attack by sending...
CVE-2022-30037
XunRuiCMS v4.3.3 to v4.5.1 vulnerable to PHP file write and CMS PHP file inclusion, allows attackers to execute arbitrary php code, via the add function in cron.php...
Code injection
XunRuiCMS v4.3.3 to v4.5.1 vulnerable to PHP file write and CMS PHP file inclusion, allows attackers to execute arbitrary php code, via the add function in cron.php...
CVE-2022-30037
XunRuiCMS v4.3.3 to v4.5.1 vulnerable to PHP file write and CMS PHP file inclusion, allows attackers to execute arbitrary php code, via the add function in cron.php...
PT-2023-12995 · Xunruicms · Xunruicms
Name of the Vulnerable Software and Affected Versions: XunRuiCMS versions 4.3.3 through 4.5.1 Description: The issue allows attackers to execute arbitrary PHP code via the add function in cron.php. This is made possible by the vulnerability to PHP file write and CMS PHP file inclusion...
U.S. Dept Of Defense: WordPress application vulnerable to DoS attack via wp-cron.php
The WordPress application was vulnerable to a Denial of Service DoS attack via the wp-cron.php script, which could be exploited by sending a large number of requests to the script, causing it to consume excessive resources and overload the server, potentially leading to data loss and downtime. Th...
WordPress 'wp-cron.php' Accessible/Enabled (HTTP) - Active Check
The remote WordPress instance might have a default setup of SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:wordpress:wordpress";...
CVE-2014-125077
A vulnerability, which was classified as critical, has been found in pointhi searxstats. This issue affects some unknown processing of the file cgi/cron.php. The manipulation leads to sql injection. The patch is named 281bd679a4474ddb222d16c1c380f252839cc18f. It is recommended to apply a patch to...
Sql injection
A vulnerability, which was classified as critical, has been found in pointhi searxstats. This issue affects some unknown processing of the file cgi/cron.php. The manipulation leads to sql injection. The patch is named 281bd679a4474ddb222d16c1c380f252839cc18f. It is recommended to apply a patch to...
CVE-2014-125077
CVE-2014-125077 affects pointhi searx_stats. The vulnerability stems from unknown handling in cgi/cron.php, enabling SQL injection with high impact (C/H, I/H, A/H per CVSS3.1). A patch is available: 281bd679a4474ddb222d16c1c380f252839cc18f. Related identifier: VDB-218351.
CVE-2023-22622
WordPress through 6.1.1 depends on unpredictable client visits to cause wp-cron.php execution and the resulting security updates, and the source code describes "the scenario where a site may not receive enough visits to execute scheduled tasks in a timely manner," but neither the installation gui...
CVE-2023-22622
WordPress through 6.1.1 depends on unpredictable client visits to cause wp-cron.php execution and the resulting security updates, and the source code describes "the scenario where a site may not receive enough visits to execute scheduled tasks in a timely manner," but neither the installation gui...
CVE-2023-22622
WordPress through 6.1.1 depends on unpredictable client visits to cause wp-cron.php execution and the resulting security updates, and the source code describes "the scenario where a site may not receive enough visits to execute scheduled tasks in a timely manner," but neither the installation gui...
CVE-2023-22622
WordPress through 6.1.1 depends on unpredictable client visits to cause wp-cron.php execution and the resulting security updates, and the source code describes "the scenario where a site may not receive enough visits to execute scheduled tasks in a timely manner," but neither the installation gui...