19 matches found
EUVD-2022-5675
Malicious code in bioql PyPI...
CVE-2020-13486
The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection...
CVE-2020-13485
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header...
Knock Knock plugin Open redirection vulnerability
The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection...
GHSA-M69R-4H68-XQ7J Knock Knock plugin Open redirection vulnerability
The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection...
GHSA-WXVR-QQM7-6H65 Knock Knock plugin IP Whitelist bypass via an X-Forwarded-For HTTP header
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header...
Knock Knock plugin IP Whitelist bypass via an X-Forwarded-For HTTP header
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header...
Knock Knock Input Validation Error Vulnerability
Pixel & Tonic Craft CMS is the United States Pixel & Tonic company's set of content management system CMS.Knock Knock is one of the access rights management plugin. A security vulnerability exists in Knock Knock versions prior to 1.2.8 for Pixel & Tonic Craft CMS. An attacker can exploit this...
Knock Knock Security Restriction Bypass Vulnerability
Pixel & Tonic Craft CMS is the United States Pixel & Tonic company's set of content management system CMS.Knock Knock is one of the access rights management plugin. A security vulnerability exists in Knock Knock versions prior to 1.2.8 for Pixel & Tonic Craft CMS. The vulnerability can be exploit...
CVE-2020-13485
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header...
CVE-2020-13485
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header...
CVE-2020-13486
The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection...
Information disclosure
The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection...
Design/Logic Flaw
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header...
CVE-2020-13485
The Knock Knock plugin for Craft CMS is affected up to version 1.2.7 (pre-1.2.8). The root cause is a flawed IP whitelisting mechanism that trusts the X-Forwarded-For header, allowing an attacker to bypass IP-based access controls. Impact: potential unauthorized access due to bypassed whitelist; ...
CVE-2020-13485
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header...
CVE-2020-13486
The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection...
CVE-2020-13486
CVE-2020-13486 affects the Knock Knock plugin for Craft CMS (versions before 1.2.8). The root cause is an open redirection vulnerability arising from insufficient validation of redirect parameters, as documented by multiple sources in the connected records. The impact is malicious redirection; ex...
Knock knock, where am I? - Suspicious files, Unsafe deleting vulnerabilities
HackApp vulnerability scanner discovered that application Knock knock, where am I? published at the 'play' market has multiple vulnerabilities...