13 matches found
MAL-2024-9321 Malicious code in a-lbum-do-wnload-avai-lable-file-6460-vauxhall-and-i-tc5nk-jqhvlk (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a6249bcee116ac7d615eb0663dc8292206e69d2ae1e4650d05178e1918d03c0d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-9322 Malicious code in a-lbum-do-wnload-avai-lable-file-volta-j48ol-zfpbbc (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ecba27f0410e09bcc71ef3e7cae3317dee8fd170e13919a83295a6f27c8af6ab Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
PT-2024-15376 · Unknown · Rrj Nueva Ecija Engineer Online Portal
Name of the Vulnerable Software and Affected Versions: RRJ Nueva Ecija Engineer Online Portal version 1.0 Description: A critical vulnerability was found in the RRJ Nueva Ecija Engineer Online Portal, affecting an unknown functionality of the file downloadable.php of the component Add Downloadabl...
WordPress WPtouch Pro 4 Backup Disclosure
Title: WordPress - WPtouch Pro 4 Backup Disclosure Vulnerability | Author: indoushka | Tested on: windows 10 Français V.Pro / browser: Mozilla firefox...
CVE-2022-0706
The Easy Digital Downloads WordPress plugin before 2.11.6 does not sanitise and escape the Downloadable File Name in the Logs, which could allow high privilege users to perform Cross-Site Scripting attacks when the unfiltered_html capability is disallowed...
Cross site scripting
The Easy Digital Downloads WordPress plugin before 2.11.6 does not sanitise and escape the Downloadable File Name in the Logs, which could allow high privilege users to perform Cross-Site Scripting attacks when the unfiltered_html capability is disallowed...
CVE-2021-31567
Authenticated admin+ Arbitrary File Download vulnerability discovered in Download Monitor WordPress plugin versions <= 4.4.6. The plugin allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the &downloadable_file_urls[0] parameter data. It's also...
Download Monitor < 4.4.7 - Admin+ Stored Cross-Site Scripting
The plugin does not sanitise and escape the postid and downloadablefileversion parameters, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks...
Cisco Unified Communications Manager Information Disclosure Vulnerability
Cisco Unified Communications Manager is the powerful call processing component of the Cisco Unified Communications solution. It is a scalable, distributable, and highly available enterprise Voice over IP call processing solution. Cisco Unified Communications Manager Session Management Edition is t...
CVE-2018-5213
The Simple Download Monitor plugin before 3.5.4 for WordPress has XSS via the sdm_upload (aka Downloadable File) parameter in an edit action to wp-admin/post.php...
UBUNTU-CVE-2016-6628
An issue was discovered in phpMyAdmin. An attacker may be able to trigger a user to download a specially crafted malicious SVG file. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versions prior to 4.0.10.17 are affected...
Orbital Viewer 1.04 SEH Overflow
!/usr/bin/python sinn3r: I'm just submitting this for mrme Orbital Viewer v1.04 .orb 0day Local Universal SEH Overflow Exploit Date: 27 Feb 2010 CVE: CVE-2010-0688 Download: http://www.orbitals.com/orb/ov.htm Found & exploited by: mrme http://net-ninja.net Greetz to:...
Insecure Saving Of Downloadable File In Mozilla Firefox (Linux)
This host is installed with Mozilla Firefox and is prone to insecure saving of downloadable file. OpenVAS Vulnerability Test $Id: secpodfirefoxinsecuresavingdownloadfile.nasl 5055 2017-01-20 14:08:39Z teissa $ Insecure Saving Of Downloadable File In Mozilla Firefox Linux Authors: Sharath S...