18 matches found
CVE-2023-4933
The WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the directories where it stores attachments to job applications, allowing unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled...
EUVD-2023-49382
Malicious code in bioql PyPI...
CVE-2023-45061
Missing Authorization vulnerability in awsm.in WP Job Openings wp-job-openings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Openings: from n/a through = 3.4.1...
CVE-2023-45061
Missing Authorization vulnerability in awsm.in WP Job Openings wp-job-openings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Openings: from n/a through = 3.4.1...
CVE-2023-45061 WordPress WP Job Openings plugin <= 3.4.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in awsm.in WP Job Openings wp-job-openings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Job Openings: from n/a through = 3.4.1...
CVE-2023-45061
CVE-2023-45061 affects the WordPress plugin WP Job Openings (versions <= 3.4.1). The vulnerability is a Missing Authorization / Broken Access Control issue, exploitable by unauthenticated users due to incorrectly configured access control. Patchstack documentation confirms the issue is low sev...
WordPress plugin WP Job Openings 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...
CVE-2023-4933
The WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the directories where it stores attachments to job applications, allowing unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled...
Code injection
The WP Job Openings WordPress plugin before 3.4.3 does not block listing the contents of the directories where it stores attachments to job applications, allowing unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled...
WordPress plugin WP Job Openings Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability in the WordPress...
PT-2023-31170 · WordPress · Wp Job Openings
Name of the Vulnerable Software and Affected Versions: WP Job Openings WordPress plugin versions prior to 3.4.3 Description: The issue allows unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled, due to the plugin not blocking the...
WordPress WP Job Openings Plugin <= 3.4.1 is vulnerable to Broken Access Control
Software WP Job Openings Type Plugin Vulnerable versions = 3.4.1 Fixed in 3.4.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-45061 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 80557dfd2883 Credits Revan Arifio Required privile...
WordPress WP Job Openings Plugin <= 3.4.2 is vulnerable to Sensitive Data Exposure
Software WP Job Openings Type Plugin Vulnerable versions = 3.4.2 Fixed in 3.4.3 OWASP Top 10 A5: Security Misconfiguration Classification Sensitive Data Exposure CVE CVE-2023-4933 Patch priority Low CVSS severity Low 3.7 Developer Claim ownership PSID 654671e3575f Credits Dmitrii Ignatyev Require...
WP Job Openings < 3.4.3 - Sensitive Data Exposure via Directory Listing
Description The plugin does not block listing the contents of the directories where it stores attachments to job applications, allowing unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled...
WP Job Openings < 3.4.3 - Sensitive Data Exposure via Directory Listing
Description The plugin does not block listing the contents of the directories where it stores attachments to job applications, allowing unauthenticated visitors to list and download private attachments if the autoindex feature of the web server is enabled. PoC...
Open Sourcing StringSifter
Malware analysts routinely use the Strings program during static analysis in order to inspect a binary's printable characters. However, identifying relevant strings by hand is time consuming and prone to human error. Larger binaries produce upwards of thousands of strings that can quickly evoke...
Razer US: SQL Injection on careers.razerzone.com within the Admin interface without any access credentials
The researcher discovered a SQL Injection vulnerability on our careers.razerzone.com host, which is used to list job openings for Razer worldwide and receive application submissions from potential hires. This vulnerability could have allowed the exfiltration of admin credentials as well as person...
ASPSiteware JobPost SQL injection Vulnerability
Exploit for asp platform in category web applications =============================================== ASPSiteware JobPost SQL injection Vulnerability =============================================== 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=1 3 3 3 3 7 /' \ /'\ /'\ /\ ...