Lucene search
K

5 matches found

ATTACKERKB
ATTACKERKB
added 2024/11/22 8:15 p.m.5 views

CVE-2023-51647

Allegra saveInlineEdit Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can b...

7.2CVSS6.3AI score0.02091EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/08/13 3:1 a.m.6 views

WordPress Media Library Assistant plugin <= 3.18 - Authenticated (Author+) Arbitrary File Upload via mla-inline-edit-upload-scripts AJAX Action vulnerability

Authenticated Author+ Arbitrary File Upload via mla-inline-edit-upload-scripts AJAX Action vulnerability discovered by wesley wcraft in WordPress Plugin Media LIbrary Assistant versions = 3.18...

8.8CVSS5.3AI score0.01296EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/08/12 12:0 a.m.3 views

PT-2024-37887 · WordPress · Media Library Assistant

Name of the Vulnerable Software and Affected Versions: Media Library Assistant plugin for WordPress versions up to, and including, 3.18 Description: The issue arises from missing file type validation involving the mla-inline-edit-upload-scripts AJAX action. This allows authenticated attackers wit...

8.8CVSS7.9AI score0.01296EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2024/02/09 12:0 a.m.5 views

PT-2024-14223 · Allegra · Allegra

Name of the Vulnerable Software and Affected Versions: Allegra affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Allegra. Although authentication is required to exploit this issue, the existing authentication...

7.2CVSS7.8AI score0.02091EPSS
Exploits0References4
OSV
OSV
added 2014/12/26 2:59 a.m.4 views

DEBIAN-CVE-2011-3592

Multiple cross-site scripting XSS vulnerabilities in the PMAunInlineEditRow function in js/sql.js in phpMyAdmin 3.4.x before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via a 1 database name, 2 table name, or 3 column name that is not properly handled after an...

3.5CVSS5.8AI score0.01449EPSS
Exploits0References1
Rows per page
Query Builder