28 matches found
EUVD-2015-7273
Malware in sbrugna...
EUVD-2013-7069
Malware in sbrugna...
EUVD-2024-45873
Malicious code in bioql PyPI...
CVE-2013-7292
VASCO IDENTIKEY Authentication Server IAS 3.4.x allows remote authenticated users to bypass Active Directory AD authentication by entering only a DIGIPASS one-time password, instead of the intended combination of this one-time password and a multiple-time AD password...
CVE-2024-52378
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in labs64 DigiPass digipass allows Absolute Path Traversal.This issue affects DigiPass: from n/a through = 0.3.0...
CVE-2024-52378
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in labs64 DigiPass digipass allows Absolute Path Traversal.This issue affects DigiPass: from n/a through = 0.3.0...
CVE-2024-52378 WordPress DigiPass plugin <= 0.3.0 - Arbitrary File Download vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Labs64 DigiPass allows Absolute Path Traversal.This issue affects DigiPass: from n/a through 0.3.0...
CVE-2024-52378
CVE-2024-52378 concerns the Labs64 DigiPass WordPress plugin. The connected records confirm an Absolute Path Traversal vulnerability in DigiPass versions
CVE-2024-52378 WordPress DigiPass plugin <= 0.3.0 - Arbitrary File Download vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in labs64 DigiPass digipass allows Absolute Path Traversal.This issue affects DigiPass: from n/a through = 0.3.0...
PT-2024-35215 · Labs64 · Digipass
Name of the Vulnerable Software and Affected Versions: DigiPass versions 0.3.0 and earlier Description: The issue is related to an Improper Limitation of a Pathname to a Restricted Directory, also known as 'Path Traversal'. This allows Absolute Path Traversal in Labs64 DigiPass. Recommendations:...
WordPress plugin DigiPass 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...
WordPress DigiPass plugin <= 0.3.0 - Arbitrary File Download vulnerability
Arbitrary File Download vulnerability discovered by stealthcopter Patchstack Alliance in WordPress Plugin DigiPass versions = 0.3.0...
WordPress DigiPass Plugin <= 0.3.0 is vulnerable to Arbitrary File Download
Software DigiPass Type Plugin Vulnerable versions = 0.3.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Download CVE CVE-2024-52378 Patch priority High CVSS severity High 7.5 Developer Claim ownership PSID dbfd2eb97192 Credits stealthcopter Required privilege Unauthenticat...
Citrix Web Interface Cross-Site Scripting Vulnerability
Citrix Web Interface is a suite of components from Citrix Systems that provides users with access to XenApp applications and content, as well as XenDesktop virtual desktops.The VASCO DIGIPASS authentication plug-in is one of the authentication plug-in. A cross-site scripting vulnerability exists ...
Cross site scripting
Cross-site scripting XSS vulnerability in the sample feedback.inc file in VASCO DIGIPASS authentication plug-in for Citrix Web Interface allows remote attackers to inject arbitrary web script or HTML via the failmessage parameter...
CVE-2015-7349
Cross-site scripting XSS vulnerability in the sample feedback.inc file in VASCO DIGIPASS authentication plug-in for Citrix Web Interface allows remote attackers to inject arbitrary web script or HTML via the failmessage parameter...
CVE-2015-7349
Cross-site scripting XSS vulnerability in the sample feedback.inc file in VASCO DIGIPASS authentication plug-in for Citrix Web Interface allows remote attackers to inject arbitrary web script or HTML via the failmessage parameter...
CVE-2015-7349
CVE-2015-7349 describes a Cross-site scripting (XSS) vulnerability in the sample feedback.inc file of the VASCO DIGIPASS authentication plug-in used by Citrix Web Interface. The issue allows remote attackers to inject arbitrary web script or HTML via the failmessage parameter. Documented impact i...
TBC Digipass - Customized SSL, Redefined SSL Common Names verifier vulnerabilities
HackApp vulnerability scanner discovered that application TBC Digipass published at the 'play' market has multiple vulnerabilities...
Digipass Go3 Insecure Encryption Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21040/info Digipass Go3 is prone to an insecure-encryption vulnerability because the device uses an insecure encryption algorithm to encrypt sensitive data. An attacker can exploit this issue to brute-force the encryption...