Lucene search
+L

4 matches found

packetstorm
packetstorm
added 2024/11/01 12:0 a.m.443 views

ABB Cylon Aspect 3.08.01 File Upload MD5 Checksum Bypass

ABB Cylon Aspect 3.08.01 badassMode File Upload MD5 Checksum Bypass Vendor: ABB Ltd. Product web page: https://www.global.abb Affected version: NEXUS Series, MATRIX-2 Series, ASPECT-Enterprise, ASPECT-Studio Firmware: =3.08.01 Summary: ASPECT is an award-winning scalable building energy managemen...

7.4AI score
Exploits0
nvd
nvd
added 2024/06/18 4:15 a.m.28 views

CVE-2024-5860

The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the tcdldeletetickets AJAX action in all versions up to, and including, 3.5.2.8. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS0.0028EPSS
Exploits0References2
cvelist
cvelist
added 2024/06/18 3:13 a.m.24 views

CVE-2024-5860 Tickera <= 3.5.2.8 - Missing Authorization to Authenticated (Susbcriber+) Ticket Deletion

The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the tcdldeletetickets AJAX action in all versions up to, and including, 3.5.2.8. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS0.0028EPSS
Exploits0References2
patchstack
patchstack
added 2024/06/17 12:0 a.m.8 views

WordPress Tickera Plugin <= 3.5.2.8 is vulnerable to Broken Access Control

Software Tickera Type Plugin Vulnerable versions = 3.5.2.8 Fixed in 3.5.2.9 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-5860 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 94f597cb32e8 Credits Lucio Sá Required privilege...

4.3CVSS6.6AI score0.0028EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder