11 matches found
CVE-2023-6806
The Starbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Job Settings user profile fields in all versions up to, and including, 3.4.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level...
WordPress Plugin Starbox Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
CVE-2023-6806 Starbox <= 3.4.8 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Job Settings
The Starbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Job Settings user profile fields in all versions up to, and including, 3.4.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber-level...
Starbox < 3.5.0 - Authenticated (Subscriber+) Stored Cross-Site Scripting via Job Settings
Description: The Starbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Job Settings user profile fields in all versions up to, and including, 3.4.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
CVE-2021-39334
The Job Board Vanila WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient input validation and sanitization via the psjbexpin and the psjbcurrin parameters found in the /job-settings.php file which allowed attackers with administrative user access to inject arbitrary...
WordPress Plugin Cross-Site Scripting Vulnerability
WordPress Plugin is an open source application plugin for WordPress. The WordPress plugin is vulnerable to a cross-site scripting vulnerability that arises from insufficient input validation and cleanup in the Job Board Vanila plugin via the psjbexpin and psjbcurrin parameters in the...
SOS JobScheduler JOC Cockpit XML External Entity Vulnerability
Cockpit is an interactive server management interface. An XML External Entity (XEE) vulnerability exists in the SOS JobScheduler JOC Cockpit. An attacker can exploit this vulnerability to read files from the server via entity declarations in any XML document used to specify runtime settings for job...
Reverse incremental job scheduling does not work properly
Challenge: Reverse incremental jobs start ignoring their scheduled settings and run on the days selected for Synthetic Fulls, even when the check-box is grayed out. Solution: To resolve the issue you need to enable forward incremental mode in the job settings and deselect "Enable synthetic fulls"...
Format string
Format string vulnerability in the log creation functionality of BitDefender Client Professional Plus 8.02 allows attackers to execute arbitrary code via certain scan job settings...
CVE-2007-0391
Format string vulnerability in the log creation functionality of BitDefender Client Professional Plus 8.02 allows attackers to execute arbitrary code via certain scan job settings...
CVE-2007-0391
Format string vulnerability in the log creation functionality of BitDefender Client Professional Plus 8.02 allows attackers to execute arbitrary code via certain scan job settings...