KODO Qiniu < 1.5.1 - Cross-Site Request Forgery

Description The KODO Qiniu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to 1.5.1 exclusive. This is due to missing or incorrect nonce validation on the kodosettingpage function. This makes it possible for unauthenticated attackers to replace URLs via a forge...

WordPress KODO Qiniu Plugin <= 1.5.0 is vulnerable to Cross Site Request Forgery (CSRF)

Software KODO Qiniu Type Plugin Vulnerable versions = 1.5.0 Fixed in 1.5.1 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE N/A Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID c3ab23e88199 Credits Unknown Required privilege...

WordPress KODO Qiniu plugin <= 1.2.5 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered in WordPress KODO Qiniu plugin versions = 1.2.5. Solution Update the WordPress KODO Qiniu plugin to the latest available version at least 1.3.0...

Hangzhou Kodo Cloud Network Co. Kodo Cloud V4.40 suffers from weak password vulnerability

KodExplorer, Kodo Cloud, is a private cloud online document management solution based on Web technology. Hangzhou Kodo Cloud Network Co., Ltd. Kodo Cloud V4.40 exists a weak password vulnerability, which can be exploited by an attacker to cause arbitrary directory browsing, arbitrary read and wri...

Arbitrary File Deletion Vulnerability in kodexplorer Kodo Cloud 4.40

kodexplorer Kodo Cloud, formerly known as Mango Cloud, is a private cloud online document management solution based on Web technology. The kodexplorer Kodo Cloud 4.40 has an arbitrary file deletion vulnerability that can be exploited by an attacker with the privilege to install and uninstall...

Code Execution Vulnerability in kodexplorer Kodo Cloud 4.40

kodexplorer Kodo Cloud, formerly known as Mango Cloud, is a private cloud online document management solution based on Web technology. A code execution vulnerability exists in kodexplorer Kodo Cloud 4.40, which can be exploited by an attacker with privileges to upload and manage plugins to gain...

File upload vulnerability in kodexplorer Kodo Cloud

KodExplorer Kodo Cloud, formerly known as Mango Cloud, is a private cloud online document management solution based on Web technology. A file upload vulnerability exists in kodexplorer Kodo Cloud, which can be exploited by attackers to gain server privileges...

Arbitrary file read vulnerability in kodexplorer Kodo Cloud v4.39

KodExplorer Kodo Cloud, formerly known as Mango Cloud, is a private cloud online document management solution based on Web technology. An arbitrary file read vulnerability exists in kodexplorer Kodo Cloud v4.39, which can be exploited by an attacker to cause arbitrary file reads...

Fedora Update for kdetoys FEDORA-2007-2985

Check for the Version of kdetoys OpenVAS Vulnerability Test Fedora Update for kdetoys FEDORA-2007-2985 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...