5079 matches found

CNVD
added 2022/03/24 12:0 a.m. | 17 views

WordPress Export All URLs plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. WordPress plugin is an application plugin for WordPress. A cross-site scripting vulnerability exists in versions of the WordPress Export All URLs plugin prior to 4.2, which stems from the plugin's failu...

CVSS 6.1 | AI score 1.2 | EPSS 0.00788
Exploits: 1 | References: 1

wpexploit
added 2022/03/22 12:0 a.m. | 138 views

Ninja Forms < 3.6.8 - Unauthenticated Email Address Disclosure

The plugin does not delete the temporary files created when exporting submissions, which could allow unauthenticated attackers to download them and get sensitive information such as the email address of users who submitted a form given that the file is publicly accessible, and with a guessable na...

AI score 7
Exploits: 0

Kitploit
added 2022/03/21 11:30 a.m. | 16 views

Oh365UserFinder - Python3 O365 User Enumeration Tool

Oh365UserFinder is used for identifying valid o365 accounts and domains without the risk of account lockouts. The tool parses responses to identify whether the "IfExistsResult" flag is null or not, and responds appropriately if the user is valid. The tool will attempt to identify false positives based on...

AI score 7.3
Exploits: 0 | References: 2

Kitploit
added 2022/03/19 11:30 a.m. | 71 views

Ghostbuster - Eliminate Dangling Elastic IPs By Performing Analysis On Your Resources Within All Your AWS Accounts

Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts. Ghostbuster obtains all the DNS records present in all of your AWS accounts Route53, and can optionally take in records via CSV input, or via Cloudflare. After these records are collected,...

AI score 6.6
Exploits: 0 | References: 4

OSV
added 2022/03/18 11:11 p.m. | 28 views

GHSA-F8XQ-Q7PX-WG8C Improper Neutralization of Formula Elements in a CSV File in Gradio Flagging

Impact: The gradio library has a flagging functionality which saves input/output data into a CSV file on the developer's computer. This can allow a user to save arbitrary text into the CSV file, such as commands. If a program like MS Excel opens such a file, then it automatically runs these...

CVSS 8.8 | AI score 8.8 | EPSS 0.01248
Exploits: 0 | References: 6

Github Security Blog
added 2022/03/18 11:11 p.m. | 51 views

Improper Neutralization of Formula Elements in a CSV File in Gradio Flagging

Impact: The gradio library has a flagging functionality which saves input/output data into a CSV file on the developer's computer. This can allow a user to save arbitrary text into the CSV file, such as commands. If a program like MS Excel opens such a file, then it automatically runs these...

CVSS 8.8 | AI score 1.6 | EPSS 0.01248
Exploits: 0 | References: 6 | Affected Software: 1

NVD
added 2022/03/17 9:15 p.m. | 40 views

CVE-2022-24770

gradio is an open source framework for building interactive machine learning models and demos. Prior to version 2.8.11, gradio suffers from Improper Neutralization of Formula Elements in a CSV File. The gradio library has a flagging functionality which saves input/output data into a CSV file on t...

CVSS 8.8 | EPSS 0.01248
Exploits: 0 | References: 3

Prion
added 2022/03/17 9:15 p.m. | 16 views

Input validation

gradio is an open source framework for building interactive machine learning models and demos. Prior to version 2.8.11, gradio suffers from Improper Neutralization of Formula Elements in a CSV File. The gradio library has a flagging functionality which saves input/output data into a CSV file on t...

CVSS 6.8 | AI score 8.8 | EPSS 0.01248
Exploits: 0 | References: 3 | Affected Software: 1

PyPA
added 2022/03/17 9:15 p.m. | 6 views

PYSEC-2022-229

gradio is an open source framework for building interactive machine learning models and demos. Prior to version 2.8.11, gradio suffers from Improper Neutralization of Formula Elements in a CSV File. The gradio library has a flagging functionality which saves input/output data into a CSV file on t...

CVSS 8.8 | AI score 7.2 | EPSS 0.01248
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2022/03/17 9:15 p.m. | 39 views

PYSEC-2022-229

gradio is an open source framework for building interactive machine learning models and demos. Prior to version 2.8.11, gradio suffers from Improper Neutralization of Formula Elements in a CSV File. The gradio library has a flagging functionality which saves input/output data into a CSV file on t...

CVSS 8.8 | AI score 2.2 | EPSS 0.01248
Exploits: 0 | References: 3

Vulnrichment
added 2022/03/17 8:30 p.m. | 8 views

CVE-2022-24770 Improper Neutralization of Formula Elements in a CSV File in Gradio Flagging

gradio is an open source framework for building interactive machine learning models and demos. Prior to version 2.8.11, gradio suffers from Improper Neutralization of Formula Elements in a CSV File. The gradio library has a flagging functionality which saves input/output data into a CSV file on t...

CVSS 8.8 | AI score 8.8 | EPSS 0.01248
Exploits: 0 | References: 3

Cvelist
added 2022/03/17 8:30 p.m. | 39 views

CVE-2022-24770 Improper Neutralization of Formula Elements in a CSV File in Gradio Flagging

gradio is an open source framework for building interactive machine learning models and demos. Prior to version 2.8.11, gradio suffers from Improper Neutralization of Formula Elements in a CSV File. The gradio library has a flagging functionality which saves input/output data into a CSV file on t...

CVSS 8.8 | AI score 9 | EPSS 0.01248
Exploits: 0 | References: 3

CVE
added 2022/03/17 8:30 p.m. | 116 views

CVE-2022-24770

The CVE-2022-24770 issue affects the Gradio library prior to version 2.8.11, in the flagging CSV export feature. The root cause is Improper Neutralization of Formula Elements in a CSV File, allowing arbitrary text (e.g., commands) to be saved into CSV outputs that may be opened by spreadsheet pro...

CVSS 8.8 | AI score 8.8 | EPSS 0.01248
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2022/03/17 8:30 p.m. | 30 views

CVE-2022-24770 Improper Neutralization of Formula Elements in a CSV File in Gradio Flagging

gradio is an open source framework for building interactive machine learning models and demos. Prior to version 2.8.11, gradio suffers from Improper Neutralization of Formula Elements in a CSV File. The gradio library has a flagging functionality which saves input/output data into a CSV file on t...

CVSS 8.8 | AI score 8.7 | EPSS 0.01248
Exploits: 0 | References: 5

OpenVAS
added 2022/03/15 12:0 a.m. | 16 views

Moodle 3.8.x < 3.8.9, 3.9.x < 3.9.7, 3.10.x < 3.10.4 Multiple Vulnerabilities (MSA-21-0012, MSA-21-0018)

Moodle is prone to multiple vulnerabilities. Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free software; you can...

CVSS 6.1 | AI score 5.6 | EPSS 0.01157
Exploits: 0 | References: 2

CNVD
added 2022/03/14 12:0 a.m. | 30 views

IBM Guardium Data Encryption has an unspecified vulnerability (CNVD-2022-20154)

IBM Guardium Data Encryption (GDE) is an application from IBM of America, Inc. IBM Guardium Data Encryption versions 4.0.0.0 and 5.0.0.0 contain a security vulnerability that stems from the fact that the software saves user information in a CSV form file with a comma as the separator symbol, but it...

CVSS 8.8 | AI score 2.3 | EPSS 0.00471
Exploits: 0 | References: 1

OSV
added 2022/03/12 12:0 a.m. | 22 views

GHSA-454R-JCCQ-96Q8 Moodle Exposure of Sensitive Information to an Unauthorized Actor

Teachers exporting a forum in CSV format could receive a CSV of forums from all courses in some circumstances. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6 and 3.8 to 3.8.8 are affected...

CVSS 4.3 | AI score 5.5 | EPSS 0.00743
Exploits: 0 | References: 3

Github Security Blog
added 2022/03/12 12:0 a.m. | 26 views

Moodle Exposure of Sensitive Information to an Unauthorized Actor

Teachers exporting a forum in CSV format could receive a CSV of forums from all courses in some circumstances. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6 and 3.8 to 3.8.8 are affected...

CVSS 4.3 | AI score 6.5 | EPSS 0.00743
Exploits: 0 | References: 3 | Affected Software: 1

NVD
added 2022/03/11 6:15 p.m. | 21 views

CVE-2021-32472

Teachers exporting a forum in CSV format could receive a CSV of forums from all courses in some circumstances. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6 and 3.8 to 3.8.8 are affected...

CVSS 4.3 | EPSS 0.00743
Exploits: 0 | References: 1

OSV
added 2022/03/11 6:15 p.m. | 17 views

CVE-2021-32472

Teachers exporting a forum in CSV format could receive a CSV of forums from all courses in some circumstances. Moodle versions 3.10 to 3.10.3, 3.9 to 3.9.6 and 3.8 to 3.8.8 are affected...

CVSS 4.3 | AI score 6.6
Exploits: 0 | References: 1