dotnet: ASP.NET Security Feature Bypass Vulnerability in Blazor forms
A security feature bypass vulnerability was found in Blazor forms in ASP.NET in the .NET package...
CVE-2023-36558
A security feature bypass vulnerability was found in Blazor forms in ASP.NET in the .NET package. Mitigation: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability t...
Remote Code Execution (RCE)
statamic/cms is vulnerable to Remote Code Execution (RCE). This vulnerability impacts both front-end forms employing the Forms feature and asset upload fields in the control panel. Malicious actors can exploit this loophole to introduce and execute arbitrary code via uploading image files...
Moderate: dotnet8.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Security Fixes: dotnet: Arbitrary File Write and Deletion Vulnerability: FormatFtpCommand (CVE-2023-36049); dotnet: ASP.NET Security Feature Bypass...
Moderate: dotnet7.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 7.0.114 and .NET Runtime 7.0.14...
ALSA-2023:7258 Moderate: dotnet6.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. New versions of .NET that address a security vulnerability are now available. The updated versions are .NET SDK 6.0.125 and .NET Runtime 6.0.25...
ALSA-2023:7253 Moderate: dotnet8.0 security update
.NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR implementation. Security Fixes: dotnet: Arbitrary File Write and Deletion Vulnerability: FormatFtpCommand (CVE-2023-36049); dotnet: ASP.NET Security Feature Bypass...
Statamic CMS vulnerable to remote code execution via form uploads
Impact: Similar to another advisory, certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the "Forms" feature, and asset upload fields in the control panel. Patches: It has been patched in 3.4.14 and...
CVE-2023-48217
Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. In affected versions certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the "Forms" feature, and asset upload fiel...
CVE-2023-48217 Remote code execution via form uploads in statamic/cms
Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. In affected versions certain additional PHP files crafted to look like images may be uploaded regardless of mime type validation rules. This affects front-end forms using the "Forms" feature, and asset upload fiel...
CVE-2023-47545
Auth. (editor+) Stored Cross-Site Scripting (XSS) vulnerability in Fatcat Apps Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin = 2.5.4 versions...
CVE-2023-47545
CVE-2023-47545 affects Fatcat Apps Forms for Mailchimp by Optin Cat – Grow Your MailChimp List plugin for WordPress, versions = 2.5.5 recommended.
Access Control Bypass
Overview: Affected versions of this package are vulnerable to Access Control Bypass when the Blazor server forms in ASP.NET Core applications are used. An attacker can bypass validation and trigger unintended actions by exploiting this vulnerability. This is only exploitable if the application is ...
CVE-2023-47669
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin = 3.10.3 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs User Profile Builder – Beautiful User Registration Forms, User Profiles & User Role Editor plugin = 3.10.3 versions...
CVE-2023-47230
Cross-Site Request Forgery (CSRF) vulnerability in Cimatti Consulting WordPress Contact Forms by Cimatti plugin = 1.6.0 versions...