22 matches found
EUVD-2020-6360
Malware in sbrugna...
EUVD-2020-6361
Malware in sbrugna...
EUVD-2020-6359
Malware in sbrugna...
CVE-2020-14207
The DiveBook plugin 1.1.4 for WordPress was prone to a SQL injection within divelog.php, allowing unauthenticated users to retrieve data from the database via the divelog.php filterdiver parameter...
CVE-2020-14206
The DiveBook plugin 1.1.4 for WordPress is prone to unauthenticated XSS within the filter function via an arbitrary parameter...
CVE-2020-14205
The DiveBook plugin 1.1.4 for WordPress is prone to improper access control in the Log Dive form because it fails to perform authorization checks. An attacker may leverage this issue to manipulate the integrity of dive logs...
WordPress DiveBook Plugin Cross-Site Scripting Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in the filter function of the WordPress DiveBook plugin...
WordPress DiveBook plugin access control error vulnerability
WordPress is a blogging platform developed by the WordPress Wordpress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.Give is a fundraising platform plugin used in it.relevant is a relevant content display plugin used in it. A security...
WordPress DiveBook plugin SQL Injection Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A SQL injection vulnerability exists in WordPress DiveBook plugin version 1.1.4, which originates fr...
WordPress DiveBook plugin <= 1.1.4 - Unauthenticated SQL Injection (SQLi) vulnerability
Unauthenticated SQL Injection SQLi vulnerability found by Hooper Labs in WordPress DiveBook plugin versions = 1.1.4. Solution 2020-12-09 - we were unable to find a patched version of this plugin Last updated: 10 years ago...
WordPress DiveBook plugin <= 1.1.4 - Unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability
Unauthenticated Reflected Cross-Site Scripting XSS vulnerability found by Hooper Labs WordPress DiveBook plugin versions = 1.1.4. Solution 2020-12-09 - we were unable to find a patched version of this plugin Last updated: 10 years ago...
WordPress DiveBook plugin <= 1.1.4 - Improper Authorisation Check vulnerability
Improper Authorisation Check vulnerability found by Hooper Labs in WordPress DiveBook plugin versions = 1.1.4. Solution 2020-12-09 - we were unable to find a patched version of this plugin Last updated: 10 years ago...
CVE-2020-14207
The DiveBook plugin 1.1.4 for WordPress was prone to a SQL injection within divelog.php, allowing unauthenticated users to retrieve data from the database via the divelog.php filterdiver parameter...
CVE-2020-14205
The DiveBook plugin 1.1.4 for WordPress is prone to improper access control in the Log Dive form because it fails to perform authorization checks. An attacker may leverage this issue to manipulate the integrity of dive logs...
CVE-2020-14206
The DiveBook plugin 1.1.4 for WordPress is prone to unauthenticated XSS within the filter function via an arbitrary parameter...
CVE-2020-14207
The DiveBook plugin 1.1.4 for WordPress was prone to a SQL injection within divelog.php, allowing unauthenticated users to retrieve data from the database via the divelog.php filterdiver parameter...
Design/Logic Flaw
The DiveBook plugin 1.1.4 for WordPress is prone to unauthenticated XSS within the filter function via an arbitrary parameter...
CVE-2020-14206
The DiveBook plugin 1.1.4 for WordPress is prone to unauthenticated XSS within the filter function via an arbitrary parameter...
CVE-2020-14206
The DiveBook WordPress plugin (version 1.1.4) is affected by an unauthenticated Cross‑Site Scripting (XSS) vulnerability in the filter function, exploitable via an arbitrary parameter. Affects: DiveBook plugin for WordPress up to 1.1.4 (no patch found per Patchstack notes); impact: potential scri...
CVE-2020-14205
affected software: WordPress DiveBook plugin 1.1.4; vulnerability: improper access control in the Log Dive form due to missing authorization checks; impact: could allow an attacker to manipulate the integrity of dive logs. root cause: failure to perform authorization checks on log dive submission...