78 matches found
GHSA-9VVH-2768-C8VP OpenClaw: Discord guild reaction ingress could bypass users and roles allowlists
Summary In affected versions of openclaw, Discord reaction ingestion for guild channels did not enforce the same member users and roles allowlist checks used for normal inbound guild messages. A non-allowlisted guild member could still trigger reaction events that were accepted and queued as...
OpenClaw: Discord guild reaction ingress could bypass users and roles allowlists
Summary In affected versions of openclaw, Discord reaction ingestion for guild channels did not enforce the same member users and roles allowlist checks used for normal inbound guild messages. A non-allowlisted guild member could still trigger reaction events that were accepted and queued as...
EUVD-2000-0636
Malware in sbrugna...
EUVD-2020-0165
Malware in sbrugna...
EUVD-2024-45647
Malicious code in bioql PyPI...
Malicious code in guild-rotator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a65fe418eb6f3e397826f4b880e1a87b1966ddc4813ed73c05697b831d23e31 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2025-5500 Malicious code in guild-rotator (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9a65fe418eb6f3e397826f4b880e1a87b1966ddc4813ed73c05697b831d23e31 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2024-51850
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bchristopeit WoW Guild Armory Roster guild-armory-roster allows Stored XSS.This issue affects WoW Guild Armory Roster: from n/a through = 0.5.5...
CVE-2020-27384
The Gw2-64.exe in Guild Wars 2 launcher version 106916 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnerability exist due to the improper permissions, with the 'F' flag...
CVE-2020-15278
Red Discord Bot before version 3.4.1 has an unauthorized privilege escalation exploit in the Mod module. This exploit allows Discord users with a high privilege level within the guild to bypass hierarchy checks when the application is in a specific condition that is beyond that user's control. By...
CVE-2024-51850
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bchristopeit WoW Guild Armory Roster guild-armory-roster allows Stored XSS.This issue affects WoW Guild Armory Roster: from n/a through = 0.5.5...
CVE-2024-51850
CVE-2024-51850 is a Stored Cross-Site Scripting (XSS) vulnerability in the WordPress plugin WoW Guild Armory Roster (bchristopeit) affecting versions 0.5.5 and earlier. The issue arises from improper neutralization of user input during web page generation, enabling stored XSS via input that is re...
CVE-2024-51850 WordPress WoW Guild Armory Roster plugin <= 0.5.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bchristopeit WoW Guild Armory Roster guild-armory-roster allows Stored XSS.This issue affects WoW Guild Armory Roster: from n/a through = 0.5.5...
CVE-2024-51850 WordPress WoW Guild Armory Roster plugin <= 0.5.5 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bchristopeit WoW Guild Armory Roster guild-armory-roster allows Stored XSS.This issue affects WoW Guild Armory Roster: from n/a through = 0.5.5...
WordPress plugin WoW Guild Armory Roster 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
WordPress WoW Guild Armory Roster plugin <= 0.5.5 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin WoW Guild Armory Roster versions = 0.5.5...
WordPress WoW Guild Armory Roster Plugin <= 0.5.5 is vulnerable to Cross Site Scripting (XSS)
Software WoW Guild Armory Roster Type Plugin Vulnerable versions = 0.5.5 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51850 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 56dc451178b5 Credits SOPROBRO Required privilege...
CVE-2024-45307 SudoBot missing authorization check in `-config` command
SudoBot, a Discord moderation bot, is vulnerable to privilege escalation and exploit of the -config command in versions prior to 9.26.7. Anyone is theoretically able to update any configuration of the bot and potentially gain control over the bot's settings. Every version of v9 before v9.26.7 is...
CVE-2024-45307
SudoBot (Discord moderation bot) contains a privilege escalation flaw in the -config command due to missing authorization checks. Any user could update bot configurations and potentially take control of settings on affected installations. Affected versions are all v9 before 9.26.7; v8 and newer 9...
Guild FTPd 0.999.8.11/0.999.14 Heap Corruption
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Guild FTPd 0.999.8.11/0.999.14 Heap Corruption', 'Description' = %q Guild FTPd 0.999.8.11 and 0.999.14 are vulnerable to heap corruption. You nee...