3 matches found
WordPress Browser Theme Color Plugin <= 1.3.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software Browser Theme Color Type Plugin Vulnerable versions = 1.3.1 Fixed in 1.4 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-22291 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f3cc2d8b5b16 Credits Nguyen Xuan Chien...
CVE-2018-1000870
PHPipam version 1.3.2 and earlier contains a CWE-79 vulnerability in /app/admin/users/print-user.php that can result in Execute code in the victims browser. This attack appear to be exploitable via Attacker change theme parameter in user settings. AdminVictim views user in admin-panel and gets...
CVE-2018-1000046
NASA Pyblock version v1.0 - v1.3 contains a CWE-502 vulnerability in Radar data parsing library that can result in remote code execution. This attack appear to be exploitable via Victim opening a specially crafted radar data file. This vulnerability appears to have been fixed in v1.4...