CVE-2024-35665

Missing Authorization vulnerability in namithjawahar Insert Post Ads.This issue affects Insert Post Ads: from n/a through 1.3.2...

CVE-2024-35665 WordPress Insert Post Ads plugin <= 1.3.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in namithjawahar Insert Post Ads.This issue affects Insert Post Ads: from n/a through 1.3.2...

CVE-2024-35665

CVE-2024-35665: Missing Authorization in Insert Post Ads (WordPress plugin) affects version range up to 1.3.2. Public technical details are limited; the vulnerability is described as Missing Authorization with CVSS 5.3 (Network, Low complexity, None privileges, No user interaction, Integrity impa...

CVE-2024-35665 WordPress Insert Post Ads plugin <= 1.3.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in namithjawahar Insert Post Ads.This issue affects Insert Post Ads: from n/a through 1.3.2...

WordPress plugin Insert Post Ads security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-0756

The Insert or Embed Articulate Content into WordPress plugin through 4.3000000023 lacks validation of URLs when adding iframes, allowing attackers to inject an iFrame in the page and thus load arbitrary content from any page...

CVE-2024-0756 Insert or Embed Articulate Content into WordPress <= 4.3000000023 - Iframe Injection

The Insert or Embed Articulate Content into WordPress plugin through 4.3000000023 lacks validation of URLs when adding iframes, allowing attackers to inject an iFrame in the page and thus load arbitrary content from any page...

SUSE CVE-2022-1184

A use-after-free flaw was found in fs/ext4/namei.c:dxinsertblock in the Linux kernel's filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service...

WordPress Insert Post Ads plugin <= 1.3.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Insert Post Ads versions = 1.3.2...

PT-2024-40787 · Unknown · Javaparser

Name of the Vulnerable Software and Affected Versions: JavaParser affected versions not specified Description: The issue is related to a security exception in the CommentsInserter class. The crash occurs in the insertComments function, which is part of the JavaParser library. The error is also...

PoolParty - A Set Of Fully-Undetectable Process Injection Techniques Abusing Windows Thread Pools

A collection of fully-undetectable process injection techniques abusing Windows Thread Pools. Presented at Black Hat EU 2023 Briefings under the title - injection-techniques-using-windows-thread-pools-35446"The Pool Party You Will Never Forget: New Process Injection Techniques UsingWindows Thread...

CVE-2024-5238

A vulnerability, which was classified as critical, was found in Campcodes Complete Web-Based School Management System 1.0. This affects an unknown part of the file /view/timetableinsertform.php. The manipulation of the argument grade leads to sql injection. It is possible to initiate the attack...

CVE-2024-5238

CVE-2024-5238 affects Campcodes Complete Web-Based School Management System 1.0. The vulnerability is an SQL injection in an unknown part of /view/timetable_insert_form.php triggered by manipulating the grade parameter. It can be exploited remotely and has publicly disclosed exploit information (...

GHSA-GPGJ-XRGW-8MX2 NASA AIT-Core vulnerable to SQL Injection

NASA AIT-Core v2.5.2 was discovered to contain multiple SQL injection vulnerabilities via the querypackets and insert functions...

CVE-2024-35056

NASA AIT-Core v2.5.2 was discovered to contain multiple SQL injection vulnerabilities via the querypackets and insert functions...

CVE-2024-35056

NASA AIT-Core v2.5.2 was discovered to contain multiple SQL injection vulnerabilities via the querypackets and insert functions...

PT-2024-26300 · Nasa · Nasa Ait-Core

Name of the Vulnerable Software and Affected Versions: NASA AIT-Core version 2.5.2 Description: The issue concerns multiple SQL injection vulnerabilities. These vulnerabilities are present in the query packets and insert functions, allowing for potential SQL injection attacks. There is no...

NASA AIT-Core 安全漏洞

NASA AIT-Core is a Python-based software suite organized by NASA. A security vulnerability exists in NASA AIT-Core version v2.5.2 that stems from the inclusion of multiple SQL injection vulnerabilities via the querypackets and insert functions...

PT-2024-11279 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the bcache feature in the Linux kernel, specifically in the cache missing code path. A potential kernel panic can occur due to an oversized read request. The...

CVE-2024-35056

CVE-2024-35056 affects NASA AIT-Core v2.5.2 with multiple SQL injection vulnerabilities in the query_packets and insert functions. The issue is documented across multiple sources (Red Hat, GHSA, OSV, NVD/CVE, and PT-Security) with a high-severity CVSS v3.1 base score of 9.8 (Critical) and network...