31 matches found
MStore API < 3.9.8 - SQL Injection
The MStore API WordPress plugin before 3.9.8 is vulnerable to Blind SQL injection via the productid parameter. id: CVE-2023-3077 info: name: MStore API 3.9.8 - SQL Injection author: DhiyaneshDK severity: critical description: | The MStore API WordPress plugin before 3.9.8 is vulnerable to Blind S...
MStore API <= 4.10.7 - Unauthorized Account Access and Privilege Escalation
The MStore API plugin for WordPress is vulnerable to Unauthorized Account Access and Privilege Escalation in versions up to, and including, 4.10.7 due to improper implementation of the Apple login feature. This allows unauthenticated attackers to log in as any user as long as they know the user's...
MStore API <= 3.9.2 - Authentication Bypass
The MStore API plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.9.2. This is due to insufficient verification on the user being supplied during the add listing REST API request through the plugin. This makes it possible for unauthenticated attackers ...
CVE-2023-45055
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in InspireUI MStore API allows SQL Injection.This issue affects MStore API: from n/a through 4.0.6...
CVE-2023-50878
Cross-Site Request Forgery CSRF vulnerability in InspireUI MStore API.This issue affects MStore API: from n/a through 4.10.1...
EUVD-2023-49376
Malicious code in bioql PyPI...
EUVD-2024-52418
Malicious code in bioql PyPI...
EUVD-2023-55611
Malicious code in bioql PyPI...
EUVD-2022-50374
Malicious code in bioql PyPI...
CVE-2022-47614
Unauth. SQL Injection SQLi vulnerability in InspireUI MStore API plugin = 3.9.7 versions...
CVE-2024-54295
Authentication Bypass Using an Alternate Path or Channel vulnerability in FluxBuilder ListApp Mobile Manager listapp-mobile-manager allows Authentication Bypass.This issue affects ListApp Mobile Manager: from n/a through = 1.7.7...
CVE-2024-54295
Authentication Bypass Using an Alternate Path or Channel vulnerability in FluxBuilder ListApp Mobile Manager listapp-mobile-manager allows Authentication Bypass.This issue affects ListApp Mobile Manager: from n/a through = 1.7.7...
CVE-2024-54295
CVE-2024-54295 affects ListApp Mobile Manager. The issue is Missing Authorization to Privilege Escalation leading to Authentication Bypass (CVE-2024-54295). CVSS 3.1 base score 9.8 (CRITICAL); attack vector NETWORK, no user interaction required, impact to confidentiality, integrity, and availabil...
PT-2024-36176 · Inspireui · Inspireui Listapp Mobile Manager
Name of the Vulnerable Software and Affected Versions: InspireUI ListApp Mobile Manager versions 1.7.7 and earlier Description: The issue is related to an Authentication Bypass Using an Alternate Path or Channel, which allows unauthorized access. Recommendations: For versions 1.7.7 and earlier,...
CVE-2023-50878
Cross-Site Request Forgery CSRF vulnerability in InspireUI MStore API.This issue affects MStore API: from n/a through 4.10.1...
CVE-2023-50878
Cross-Site Request Forgery CSRF vulnerability in InspireUI MStore API.This issue affects MStore API: from n/a through 4.10.1...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in InspireUI MStore API.This issue affects MStore API: from n/a through 4.10.1...
CVE-2023-50878 WordPress MStore API Plugin <= 4.10.1 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in InspireUI MStore API.This issue affects MStore API: from n/a through 4.10.1...
CVE-2023-50878
CVE-2023-50878 concerns a CSRF vulnerability in InspireUI MStore API. The connected Red Hat entry confirms a Cross-Site Request Forgery affecting the MStore API up to version 4.10.1. The initial and connected documents do not provide technical details about the root cause beyond CSRF, affected co...
CVE-2023-45055
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in InspireUI MStore API allows SQL Injection.This issue affects MStore API: from n/a through 4.0.6...