187 matches found
CVE-2024-32720
CVE-2024-32720 corresponds to a CAPTCHA bypass vulnerability in the WordPress plugin Appointment Hour Booking (versions
CVE-2024-32720 WordPress Appointment Hour Booking plugin <= 1.4.56 - Captcha Bypass vulnerability
Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Appointment Hour Booking allows Removing Important Client Functionality.This issue affects Appointment Hour Booking: from n/a through 1.4.56...
CVE-2024-32720 WordPress Appointment Hour Booking plugin <= 1.4.56 - Captcha Bypass vulnerability
Improper Restriction of Excessive Authentication Attempts vulnerability in CodePeople Appointment Hour Booking allows Removing Important Client Functionality.This issue affects Appointment Hour Booking: from n/a through 1.4.56...
WordPress plugin Appointment Hour Booking 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
Appointment Hour Booking < 1.4.57 - Captcha Bypass
Description The Appointment Hour Booking plugin for WordPress is vulnerable to CAPTCHA Bypass in versions up to, and including, 1.4.56. This makes it possible for unauthenticated attackers to bypass the Captcha Verification...
Tenda 4G300 安全漏洞
The Tenda 4G300 is a portable wireless router aimed at users who need mobile Internet access scenarios. The Tenda 4G300 suffers from a buffer overflow vulnerability that stems from incorrect manipulation of the parameters year/month/day/hour/minute/second, for which no detailed vulnerability...
WordPress Appointment Hour Booking plugin <= 1.4.56 - Captcha Bypass vulnerability
Captcha Bypass vulnerability discovered by Mochamad Sofyan Patchstack Alliance in WordPress Plugin Appointment Hour Booking versions = 1.4.56...
WordPress Appointment Hour Booking Plugin <= 1.4.56 is vulnerable to Other Vulnerability Type
Software Appointment Hour Booking Type Plugin Vulnerable versions = 1.4.56 Fixed in 1.4.57 OWASP Top 10 A4: Insecure Design Classification Other Vulnerability Type CVE CVE-2024-32720 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 228e58c3426d Credits Mochamad Sofyan...
Malicious code in u-workflow.module.common.hour-of-week (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fa993331c82ce09532f10dfb1eb3586e1a3343188c93733712aad7f47cb49539 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CloudMiner - Execute Code Using Azure Automation Service Without Getting Charged
Execute code within Azure Automation service without getting charged Description CloudMiner is a tool designed to get free computing power within Azure Automation service. The tool utilizes the upload module/package flow to execute code which is totally free to use. This tool is intended for...
CVE-2023-51026
TOTOlink EX1800T V9.1.0cu.2112B20220316 is vulnerable to unauthorized arbitrary command execution in the ‘hour’ parameter of the setRebootScheCfg interface of the cstecgi .cgi...
PT-2023-31741 · Totolink · Totolink Ex1800T
Name of the Vulnerable Software and Affected Versions: TOTOlink EX1800T version 9.1.0cu.2112 B20220316 Description: The issue allows for unauthorized arbitrary command execution in the hour parameter of the setRebootScheCfg interface of the cstecgi .cgi. This could potentially lead to malicious...
TOTOLINK EX1800T 安全漏洞
The TOTOLINK EX1800T is a Wi-Fi range extender from China's Gion Electronics TOTOLINK. A command execution vulnerability exists in the TOTOLINK EX1800T setRebootScheCfg interface. The vulnerability stems from the failure of the hour parameter of the setRebootScheCfg interface of cstecgi .cgi to...
WordPress Appointment Hour Booking Plugin <= 1.4.23 is vulnerable to Broken Access Control
Software Appointment Hour Booking Type Plugin Vulnerable versions = 1.4.23 Fixed in 1.4.24 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-45649 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID ded4fde40f34 Credits konagash Required...
WordPress Appointment Hour Booking Plugin < 1.3.17 XSS Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:dwbooster:appointmenthourbooking"; ifdescription...
WordPress Appointment Hour Booking Plugin < 1.3.16 XSS Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:dwbooster:appointmenthourbooking"; ifdescription...
WordPress Appointment Hour Booking Plugin < 1.3.72 Missing Authorization Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:dwbooster:appointmenthourbooking"; ifdescription...
WordPress Appointment Hour Booking Plugin < 1.3.73 Multiple Vulnerabilities
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:dwbooster:appointmenthourbooking"; ifdescription...
PT-2023-23274 · Unknown · Startsharp +1
Name of the Vulnerable Software and Affected Versions: Serenity Serene versions prior to 6.7.0 StartSharp versions prior to 6.7.0 Description: An issue was discovered where password reset links sent by email contain a token that remains valid even after the password reset, allowing it to be used...
2023 Browser Security Report Uncovers Major Browsing Risks and Blind Spots
As a primary working interface, the browser plays a significant role in today's corporate environment. The browser is constantly used by employees to access websites, SaaS applications and internal applications, from both managed and unmanaged devices. A new report published by LayerX, a browser...