260 matches found
AZL-70120 CVE-2023-53037 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Bad drive in topology results kernel crash When the SAS Transport Layer support is enabled and a device exposed to the OS by the driver fails INQUIRY commands, the driver frees up the memory allocated for an interna...
Cyber Forensic Expert in 2,000+ Cases Faces FBI Probe
A Minnesota cybersecurity and computer forensics expert whose testimony has featured in thousands of courtroom trials over the past 30 years is facing questions about his credentials and an inquiry from the Federal Bureau of Investigation FBI. Legal experts say the inquiry could be grounds to...
Cybersecurity Professor Faced China-Funding Inquiry Before Disappearing, Sources Say
A lawyer for Xiaofeng Wang and his wife says they are “safe” after FBI searches of their homes and Wang’s sudden dismissal from Indiana University, where he taught for over 20 years...
Rancher's SAML-based login via CLI can be denied by unauthenticated users
Impact A vulnerability has been identified within Rancher where it is possible for an unauthenticated user to list all CLI authentication tokens and delete them before the CLI is able to get the token value. This effectively prevents users from logging in via the CLI when using rancher token as t...
CVE-2024-7854
The Woo Inquiry plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 0.1 due to insufficient escaping on the user supplied parameter 'dbid' and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to...
Your location or browsing habits could lead to price increases when buying online
Companies are showing customers different prices for the same goods and services based what data they have on them, including details like their precise location or browser history. The name for this method is surveillance pricing, and the FTC has just released initial findings of a report lookin...
Exploit for SQL Injection in Sjhoo Woo_Inquiry
CVE-2024-7854 Woo Inquiry = 0.1 - Unauthenticated SQL Inje...
Ireland's Watchdog Launches Inquiry into Google's AI Data Practices in Europe
The Irish Data Protection Commission DPC has announced that it has commenced a "Cross-Border statutory inquiry" into Google's foundational artificial intelligence AI model to determine whether the tech giant has adhered to data protection regulations in the region when processing the personal dat...
CVE-2024-7854
The Woo Inquiry plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 0.1 due to insufficient escaping on the user supplied parameter 'dbid' and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to...
CVE-2024-7854
Summary (CVE-2024-7854) The Woo Inquiry plugin for WordPress ( 0.1 (or apply vendor-provided patch). If upgrading is not possible, avoid exposing the vulnerable endpoint and monitor for further guidance from the plugin maintainer.
CVE-2024-7854 Woo Inquiry <= 0.1 - Unauthenticated SQL Injection
The Woo Inquiry plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 0.1 due to insufficient escaping on the user supplied parameter 'dbid' and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to...
WordPress Woo Inquiry plugin <= 0.1 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by theviper17y in WordPress Plugin Woo Inquiry versions = 0.1...
WordPress plugin Woo Inquiry 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
WordPress Woo Inquiry Plugin <= 0.1 is vulnerable to SQL Injection
Software Woo Inquiry Type Plugin Vulnerable versions = 0.1 Fixed in N/A OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-7854 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID ca23e91f2448 Credits theviper17y Required privilege Unauthenticated Published...
MAL-2024-2158 Malicious code in down_load_ebook_coacher_avec_l_appreciative_inquiry_by_jean_pages_l68qu (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2024-5155
The Inquiry cart WordPress plugin through 3.4.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
CVE-2024-5155 Inquiry Cart <= 3.4.2 - Stored XSS via CSRF
The Inquiry cart WordPress plugin through 3.4.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
CVE-2024-5155 Inquiry Cart <= 3.4.2 - Stored XSS via CSRF
The Inquiry cart WordPress plugin through 3.4.2 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
WordPress plugin Inquiry cart security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPress...
PT-2024-34698 · WordPress · Inquiry Cart Wordpress Plugin
Name of the Vulnerable Software and Affected Versions: Inquiry cart WordPress plugin versions 3.4.2 and earlier Description: The issue concerns the lack of CSRF checks in some areas of the plugin, as well as missing sanitization and escaping. This could allow attackers to make logged-in admins ad...