WordPress BigBuy Dropshipping Connector for WooCommerce plugin IP address forgery vulnerability

WordPress BigBuy Dropshipping Connector for WooCommerce plugin is an open source plugin for the WordPress platform for WooCommerce e-commerce platform , support and BigBuy and other Dropshipping supplier docking , to achieve automatic synchronization of goods It supports interfacing with BigBuy a...

Go-Guerrilla 输入验证错误漏洞

Go-Guerrilla is a lightweight SMTP server written in Go by the individual developer Philipp Resch. An input validation error vulnerability exists in Go-Guerrilla versions prior to 1.6.7, which stems from the PROXY command being accepted multiple times when ProxyOn is enabled, potentially leading ...

Session fixation

Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operatio...

CVE-2023-28809

Some access control products are vulnerable to a session hijacking attack because the product does not update the session ID after a user successfully logs in. To exploit the vulnerability, attackers have to request the session ID at the same time as a valid user logs in, and gain device operatio...

CVE-2022-24594

In waline 1.6.1, an attacker can submit messages using X-Forwarded-For to forge any IP address...

CVE-2022-24594

In waline 1.6.1, an attacker can submit messages using X-Forwarded-For to forge any IP address...

Finecms 1.7.2 injection vulnerability-vulnerability warning-the black bar safety net

漏洞 文件 :Client.Class.php 2 9 the rows at public static function getuserip ifgetenv'HTTPCLIENTIP' && strcasecmpgetenv'HTTPCLIENTIP', 'unknown' $onlineip = getenv'HTTPCLIENTIP'; elseifgetenv'HTTPXFORWARDEDFOR' && strcasecmpgetenv'HTTPXFORWARDEDFOR', 'unknown' $onlineip = getenv'HTTPXFORWARDEDFOR';...