CVE-2024-10895

The Counter Up – Animated Number Counter & Milestone Showcase plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'lgx-counter' shortcode in all versions up to, and including, 2.4.0 due to insufficient input sanitization and output escaping on user supplied...

PT-2024-16627 · WordPress · The Counter Up – Animated Number Counter & Milestone Showcase

Name of the Vulnerable Software and Affected Versions: The Counter Up – Animated Number Counter & Milestone Showcase plugin for WordPress versions up to, and including, 2.4.0 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'lgx-counter' shortcode due to...

LAquis SCADA LGX Report File Open Path Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of...

LAquis SCADA LGX Report STRING WRITETOFILE Path Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the implementation of...

LAquis SCADA LGX File Insufficient UI Warning Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling ...

LAquis SCADA LGX File Insufficient UI Warning Arbitrary File Creation Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

LAquis SCADA LGX File Insufficient UI Warning Arbitrary File Creation Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

LAquis SCADA LGX File Insufficient UI Warning Arbitrary File Creation Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

LAquis SCADA LGX File Insufficient UI Warning Arbitrary File Creation Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

LAquis SCADA LGX File Insufficient UI Warning Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling ...

LAquis SCADA LGX File Insufficient UI Warning Arbitrary File Creation Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of LAquis SCADA. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

LAquis SCADA LGX Out-Of-Bounds Write (CVE-2018-18986)

An out-of-bounds write vulnerability exists in the LAquis SCADA. This vulnerability is due to improper validation of user-supplied data when parsing the LGX report file. Successful exploitation would result in a denial of service condition...

LAquis SCADA LGX Report Arbitrary File Write (CVE-2018-18988)

An arbitrary file write vulnerability exists in LAquis SCADA LGX report. Successful exploitation of this vulnerability could result in arbitrary file write and possible arbitrary code execution...

LAquis SCADA LGX Report AddComboFile Arbitrary File Creation Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

LAquis SCADA LGX Report Memory Free Untrusted Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

LAquis SCADA LGX Report Edit Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

LAquis SCADA LGX Report ShellExecute Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

LAquis SCADA LGX Report TextFile Append Arbitrary File Creation Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

LAquis SCADA LGX Report Ini WriteString Arbitrary File Creation Vulnerability

This vulnerability allows remote attackers to create arbitrary files on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

LAquis SCADA LGX Report Format File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of LAquis SCADA Software. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...