Lucene search
+L

187 matches found

CVE
CVE
added 2024/05/17 9:37 a.m.57 views

CVE-2024-32720

CVE-2024-32720 corresponds to a CAPTCHA bypass vulnerability in the WordPress plugin Appointment Hour Booking (versions

5.3CVSS6.8AI score0.00351EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/17 9:37 a.m.14 views

CVE-2024-32720 WordPress Appointment Hour Booking plugin <= 1.4.56 - Captcha Bypass vulnerability

Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Appointment Hour Booking allows Removing Important Client Functionality.This issue affects Appointment Hour Booking: from n/a through 1.4.56...

5.3CVSS7AI score0.00351EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/17 9:37 a.m.28 views

CVE-2024-32720 WordPress Appointment Hour Booking plugin <= 1.4.56 - Captcha Bypass vulnerability

Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Appointment Hour Booking allows Removing Important Client Functionality.This issue affects Appointment Hour Booking: from n/a through 1.4.56...

5.3CVSS5.3AI score0.00351EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/17 12:0 a.m.4 views

WordPress plugin Appointment Hour Booking 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.8AI score0.00351EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2024/05/03 12:0 a.m.13 views

Appointment Hour Booking < 1.4.57 - Captcha Bypass

Description The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA Bypass in versions up to, and including, 1.4.56. This makes it possible for unauthenticated attackers to bypass the Captcha Verification...

5.3CVSS7.1AI score0.00351EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/04/25 12:0 a.m.5 views

Tenda 4G300 安全漏洞

The Tenda 4G300 is a portable wireless router aimed at users who need mobile Internet access scenarios. The Tenda 4G300 suffers from a buffer overflow vulnerability that stems from incorrect manipulation of the parameters year/month/day/hour/minute/second, for which no detailed vulnerability...

9CVSS7.4AI score0.01755EPSS
Exploits1References5
Patchstack
Patchstack
added 2024/04/22 12:10 p.m.4 views

WordPress Appointment Hour Booking plugin <= 1.4.56 - Captcha Bypass vulnerability

Captcha Bypass vulnerability discovered by Mochamad Sofyan Patchstack Alliance in WordPress Plugin Appointment Hour Booking versions = 1.4.56...

5.3CVSS7AI score0.00351EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/04/22 12:0 a.m.8 views

WordPress Appointment Hour Booking Plugin <= 1.4.56 is vulnerable to Other Vulnerability Type

Software Appointment Hour Booking Type Plugin Vulnerable versions = 1.4.56 Fixed in 1.4.57 OWASP Top 10 A4: Insecure Design Classification Other Vulnerability Type CVE CVE-2024-32720 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 228e58c3426d Credits Mochamad Sofyan...

5.3CVSS6.5AI score0.00351EPSS
Exploits0References2Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/03/29 1:32 a.m.10 views

Malicious code in u-workflow.module.common.hour-of-week (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa993331c82ce09532f10dfb1eb3586e1a3343188c93733712aad7f47cb49539 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Kitploit
Kitploit
added 2024/02/09 11:30 a.m.23 views

CloudMiner - Execute Code Using Azure Automation Service Without Getting Charged

Execute code within Azure Automation service without getting charged Description CloudMiner is a tool designed to get free computing power within Azure Automation service. The tool utilizes the upload module/package flow to execute code which is totally free to use. This tool is intended for...

7.7AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2023/12/22 6:15 p.m.3 views

CVE-2023-51026

TOTOlink EX1800T V9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘hour’ parameter of the setRebootScheCfg interface of the cstecgi .cgi...

9.8CVSS6.1AI score0.01049EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/12/22 12:0 a.m.13 views

PT-2023-31741 · Totolink · Totolink Ex1800T

Name of the Vulnerable Software and Affected Versions: TOTOlink EX1800T version 9.1.0cu.2112 B20220316 Description: The issue allows for unauthorized arbitrary command execution in the hour parameter of the setRebootScheCfg interface of the cstecgi .cgi. This could potentially lead to malicious...

9.8CVSS7.3AI score0.01049EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/12/22 12:0 a.m.8 views

TOTOLINK EX1800T 安全漏洞

The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T setRebootScheCfg interface. The vulnerability stems from the failure of the hour parameter of the setRebootScheCfg interface of cstecgi .cgi to...

9.8CVSS7.7AI score0.01049EPSS
Exploits1References2
Patchstack
Patchstack
added 2023/10/11 12:0 a.m.16 views

WordPress Appointment Hour Booking Plugin <= 1.4.23 is vulnerable to Broken Access Control

Software Appointment Hour Booking Type Plugin Vulnerable versions = 1.4.23 Fixed in 1.4.24 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-45649 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID ded4fde40f34 Credits konagash Required...

6.5AI score0.00364EPSS
Exploits0References2Affected Software1
OpenVAS
OpenVAS
added 2023/08/11 12:0 a.m.19 views

WordPress Appointment Hour Booking Plugin < 1.3.17 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:dwbooster:appointmenthourbooking"; ifdescription...

5.4CVSS5.6AI score0.00604EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2023/08/11 12:0 a.m.13 views

WordPress Appointment Hour Booking Plugin < 1.3.16 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:dwbooster:appointmenthourbooking"; ifdescription...

4.8CVSS5.3AI score0.00598EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2023/08/11 12:0 a.m.19 views

WordPress Appointment Hour Booking Plugin < 1.3.72 Missing Authorization Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:dwbooster:appointmenthourbooking"; ifdescription...

8.8CVSS7AI score0.00494EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2023/08/11 12:0 a.m.23 views

WordPress Appointment Hour Booking Plugin < 1.3.73 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:dwbooster:appointmenthourbooking"; ifdescription...

7.8CVSS7.7AI score0.00687EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2023/04/27 12:0 a.m.5 views

PT-2023-23274 · Unknown · Startsharp +1

Name of the Vulnerable Software and Affected Versions: Serenity Serene versions prior to 6.7.0 StartSharp versions prior to 6.7.0 Description: An issue was discovered where password reset links sent by email contain a token that remains valid even after the password reset, allowing it to be used...

7.8CVSS7.2AI score0.00435EPSS
Exploits1References9
The Hacker News
The Hacker News
added 2023/03/02 11:35 a.m.4 views

2023 Browser Security Report Uncovers Major Browsing Risks and Blind Spots

As a primary working interface, the browser plays a significant role in today's corporate environment. The browser is constantly used by employees to access websites, SaaS applications and internal applications, from both managed and unmanaged devices. A new report published by LayerX, a browser...

6.9AI score
Exploits0
Rows per page
Query Builder