99 matches found
WordPress plugin StreamWeasels Kick Integration 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...
CVE-2024-10184
The StreamWeasels Kick Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sw-kick-embed shortcode in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...
CVE-2022-46586
TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the qcawifi.wifi%dvap%d.maclist parameter in the kickbanwifimacallow sub415B00 function...
WordPress plugin Ayyash Studio The kick-start kit 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in PHP. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin Ayyash Studio The kick-start kit 1.0.3 an...
The vulnerability of the iocg_kick_delay() function in the block/blk-iocost.c module of the blk-iocost component of the Linux operating system allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the iocgkickdelay function in the block/blk-iocost.c module of the blk-iocost component of the Linux operating system is related to integer overflow. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of...
CVE-2024-10184 SW Kick Integration - Blocks and Shortcodes for Embedding Kick Streams <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via sw-kick-embed Shortcode
The StreamWeasels Kick Integration plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's sw-kick-embed shortcode in all versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...
CVE-2024-10184
CVE-2024-10184 affects StreamWeasels Kick Integration plugin for WordPress. The vulnerability is a Stored Cross-Site Scripting (XSS) via the sw-kick-embed shortcode, occurring in all versions up to 1.1.1 due to insufficient input sanitization and output escaping on user-supplied attributes. Explo...
WordPress SW Kick Integration plugin <= 1.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via sw-kick-embed Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via sw-kick-embed Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin SW Kick Integration versions = 1.1.1...
WordPress plugin StreamWeasels Kick Integration 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in...
PT-2024-16099 · WordPress · Streamweasels Kick Integration
Name of the Vulnerable Software and Affected Versions: StreamWeasels Kick Integration plugin for WordPress versions up to, and including, 1.1.1 Description: The issue is related to Stored Cross-Site Scripting via the plugin's sw-kick-embed shortcode due to insufficient input sanitization and outp...
WordPress SW Kick Integration Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS)
Software SW Kick Integration Type Plugin Vulnerable versions = 1.1.1 Fixed in 1.1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-10184 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f0ac845fe096 Credits Peter Thaleikis...
FreeBSD : znc -- remote code execution vulnerability (8057d198-4d26-11ef-8e64-641c67a117d8)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 8057d198-4d26-11ef-8e64-641c67a117d8 advisory. Mitre reports: In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK. Tenable has...
SUSE CVE-2024-39844
In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK...
DEBIAN-CVE-2024-39844
In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK...
CVE-2024-39844
In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK...
UBUNTU-CVE-2024-39844
In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK...
CVE-2024-39844
In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK...
CVE-2024-39844
In ZNC before 1.9.1, remote code execution can occur in modtcl via a KICK...
ZNC Security Vulnerabilities
ZNC is ZNC's open source set of IRC proxies that allow users to log in to IRC servers from their workstations. A security vulnerability exists in ZNC versions prior to 1.9.1, which stems from a remote code execution that can be performed in modtcl via KICK...
CVE-2024-39844
CVE-2024-39844 affects ZNC prior to 1.9.1. The vulnerability is a remote code execution flaw in the modtcl module that can be triggered by a KICK event, enabling an attacker to execute code remotely over the network. Connected advisories and Nessus/NASL records consistently describe this issue an...