90 matches found
EUVD-2014-8507
Malware in sbrugna...
CVE-2020-5804
Marvell QConvergeConsole GUI = 5.5.0.74 is affected by a path traversal vulnerability. The deleteEventLogFile method of the GWTTestServiceImpl class lacks proper validation of a user-supplied path prior to using it in file deletion operations. An authenticated, remote attacker can leverage this...
CVE-2014-8671
Cross-site scripting XSS vulnerability in the GWT Mobile PhoneGap Showcase application for Android allows remote attackers to inject arbitrary web script or HTML via a crafted Bluetooth Device Name field...
CVE-2024-12680
The Prisna GWT WordPress plugin before 1.4.14 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-12679
The Prisna GWT WordPress plugin before 1.4.14 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-12680
The Prisna GWT WordPress plugin before 1.4.14 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-12679
The Prisna GWT WordPress plugin before 1.4.14 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-12679
The Prisna GWT WordPress plugin before 1.4.14 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-12680
CVE-2024-12680 affects the WordPress plugin Prisna GWT (Prisna GWT WordPress plugin) prior to 1.4.14. The issue stems from insufficient sanitisation/escaping of certain settings, enabling stored XSS by high-privilege users (e.g., admins), even when unfiltered_html is disallowed (such as in multis...
CVE-2024-12680 Prisna GWT < 1.4.14 - Admin+ Stored XSS
The Prisna GWT WordPress plugin before 1.4.14 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-12680 Prisna GWT < 1.4.14 - Admin+ Stored XSS
The Prisna GWT WordPress plugin before 1.4.14 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-12679 Prisna GWT < 1.4.14 - Admin+ Stored XSS
The Prisna GWT WordPress plugin before 1.4.14 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
WordPress plugin Prisna GWT 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security...
SUSE CVE-2012-6534
Novell Sentinel Log Manager before 1.2.0.3 allows remote attackers to create data retention policies via a crafted text/x-gwt-rpc request to novelllogmanager/datastorageservice.rpc, and allows remote authenticated Report Administrators to create data retention policies via a search-results "Save...
CVE-2024-8514
The Prisna GWT – Google Website Translator plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.11 via deserialization of untrusted input from the 'prisnaimport' parameter. This makes it possible for authenticated attackers, with Administrator-level...
CVE-2024-8514
The Prisna GWT – Google Website Translator plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.11 via deserialization of untrusted input from the 'prisnaimport' parameter. This makes it possible for authenticated attackers, with Administrator-level...
CVE-2024-8514 Prisna GWT - Google Website Translator <= 1.4.11 - Authenticated (Admin+) PHP Object Injection
The Prisna GWT – Google Website Translator plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.11 via deserialization of untrusted input from the 'prisnaimport' parameter. This makes it possible for authenticated attackers, with Administrator-level...
CVE-2024-8514 Prisna GWT - Google Website Translator <= 1.4.11 - Authenticated (Admin+) PHP Object Injection
The Prisna GWT – Google Website Translator plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.4.11 via deserialization of untrusted input from the 'prisnaimport' parameter. This makes it possible for authenticated attackers, with Administrator-level...
CVE-2024-8514
CVE-2024-8514 : The Prisna GWT – Google Website Translator plugin for WordPress is vulnerable to authenticated PHP Object Injection via deserialization of input in the prisna_import parameter for versions up to and including 1.4.11. An attacker with Administrator-level access could inject a PHP o...
WordPress Prisna GWT – Google Website Translator Plugin <= 1.4.11 is vulnerable to PHP Object Injection
Software Prisna GWT – Google Website Translator Type Plugin Vulnerable versions = 1.4.11 Fixed in 1.4.12 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2024-8514 Patch priority Low CVSS severity Low 7.2 Developer Claim ownership PSID 96a1cccedfb0 Credits Lesor101 Required...