Lucene search
K

260 matches found

OSV
OSV
added 2025/05/02 4:15 p.m.4 views

AZL-70120 CVE-2023-53037 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Bad drive in topology results kernel crash When the SAS Transport Layer support is enabled and a device exposed to the OS by the driver fails INQUIRY commands, the driver frees up the memory allocated for an interna...

7.8CVSS5.6AI score0.00172EPSS
Exploits0References1
Krebs on Security
Krebs on Security
added 2025/04/04 4:37 p.m.21 views

Cyber Forensic Expert in 2,000+ Cases Faces FBI Probe

A Minnesota cybersecurity and computer forensics expert whose testimony has featured in thousands of courtroom trials over the past 30 years is facing questions about his credentials and an inquiry from the Federal Bureau of Investigation FBI. Legal experts say the inquiry could be grounds to...

7.1AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2025/04/02 5:31 p.m.22 views

Cybersecurity Professor Faced China-Funding Inquiry Before Disappearing, Sources Say

A lawyer for Xiaofeng Wang and his wife says they are “safe” after FBI searches of their homes and Wang’s sudden dismissal from Indiana University, where he taught for over 20 years...

7.4AI score
Exploits0
Github Security Blog
Github Security Blog
added 2025/02/27 6:27 p.m.17 views

Rancher's SAML-based login via CLI can be denied by unauthenticated users

Impact A vulnerability has been identified within Rancher where it is possible for an unauthenticated user to list all CLI authentication tokens and delete them before the CLI is able to get the token value. This effectively prevents users from logging in via the CLI when using rancher token as t...

5.3CVSS6.8AI score0.00527EPSS
Exploits0References15Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/05 11:32 a.m.10 views

CVE-2024-7854

The Woo Inquiry plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 0.1 due to insufficient escaping on the user supplied parameter 'dbid' and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to...

10CVSS7.4AI score0.04317EPSS
Exploits1References1
Malwarebytes
Malwarebytes
added 2025/01/20 2:50 p.m.9 views

Your location or browsing habits could lead to price increases when buying online

Companies are showing customers different prices for the same goods and services based what data they have on them, including details like their precise location or browser history. The name for this method is surveillance pricing, and the FTC has just released initial findings of a report lookin...

6.9AI score
Exploits0
GithubExploit
GithubExploit
added 2024/10/04 2:59 p.m.80 views

Exploit for SQL Injection in Sjhoo Woo_Inquiry

CVE-2024-7854 Woo Inquiry = 0.1 - Unauthenticated SQL Inje...

10CVSS9.7AI score0.04317EPSS
Exploits1
The Hacker News
The Hacker News
added 2024/09/12 10:32 a.m.8 views

Ireland's Watchdog Launches Inquiry into Google's AI Data Practices in Europe

The Irish Data Protection Commission DPC has announced that it has commenced a "Cross-Border statutory inquiry" into Google's foundational artificial intelligence AI model to determine whether the tech giant has adhered to data protection regulations in the region when processing the personal dat...

6.8AI score
Exploits0
NVD
NVD
added 2024/08/21 6:15 a.m.24 views

CVE-2024-7854

The Woo Inquiry plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 0.1 due to insufficient escaping on the user supplied parameter 'dbid' and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to...

10CVSS0.04317EPSS
Exploits1References2
CVE
CVE
added 2024/08/21 5:30 a.m.78 views

CVE-2024-7854

Summary (CVE-2024-7854) The Woo Inquiry plugin for WordPress ( 0.1 (or apply vendor-provided patch). If upgrading is not possible, avoid exposing the vulnerable endpoint and monitor for further guidance from the plugin maintainer.

10CVSS9.7AI score0.04317EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2024/08/21 5:30 a.m.28 views

CVE-2024-7854 Woo Inquiry <= 0.1 - Unauthenticated SQL Injection

The Woo Inquiry plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 0.1 due to insufficient escaping on the user supplied parameter 'dbid' and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to...

10CVSS0.04317EPSS
Exploits1References2
Patchstack
Patchstack
added 2024/08/21 1:49 a.m.8 views

WordPress Woo Inquiry plugin <= 0.1 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by theviper17y in WordPress Plugin Woo Inquiry versions = 0.1...

10CVSS8.1AI score0.04317EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2024/08/21 12:0 a.m.8 views

WordPress plugin Woo Inquiry 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

9.8CVSS6.9AI score0.00852EPSS
Exploits0References4
Patchstack
Patchstack
added 2024/08/21 12:0 a.m.14 views

WordPress Woo Inquiry Plugin <= 0.1 is vulnerable to SQL Injection

Software Woo Inquiry Type Plugin Vulnerable versions = 0.1 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-7854 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID ca23e91f2448 Credits theviper17y Required privilege Unauthenticated Published...

10CVSS6.8AI score0.04317EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2024/06/25 12:38 p.m.9 views

MAL-2024-2158 Malicious code in down_load_ebook_coacher_avec_l_appreciative_inquiry_by_jean_pages_l68qu (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
NVD
NVD
added 2024/06/14 6:15 a.m.26 views

CVE-2024-5155

The Inquiry cart WordPress plugin through 3.4.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

6.1CVSS0.00212EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/06/14 6:0 a.m.14 views

CVE-2024-5155 Inquiry Cart <= 3.4.2 - Stored XSS via CSRF

The Inquiry cart WordPress plugin through 3.4.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

5.8AI score0.00212EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/06/14 6:0 a.m.29 views

CVE-2024-5155 Inquiry Cart <= 3.4.2 - Stored XSS via CSRF

The Inquiry cart WordPress plugin through 3.4.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

0.00212EPSS
Exploits2References1
CNNVD
CNNVD
added 2024/06/14 12:0 a.m.3 views

WordPress plugin Inquiry cart security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress...

6.1CVSS5.9AI score0.00212EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2024/06/14 12:0 a.m.6 views

PT-2024-34698 · WordPress · Inquiry Cart Wordpress Plugin

Name of the Vulnerable Software and Affected Versions: Inquiry cart WordPress plugin versions 3.4.2 and earlier Description: The issue concerns the lack of CSRF checks in some areas of the plugin, as well as missing sanitization and escaping. This could allow attackers to make logged-in admins ad...

6.1CVSS5.2AI score0.00212EPSS
Exploits2References4
Rows per page
Query Builder