55 matches found
EUVD-2021-20513
Malware in sbrugna...
EUVD-2024-45414
Malicious code in bioql PyPI...
CVE-2024-51578
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lpagg 3D Presentation 3d-presentation allows Stored XSS.This issue affects 3D Presentation: from n/a through = 1.0...
CVE-2021-33840
The server in Luca through 1.1.14 allows remote attackers to cause a denial of service insertion of many fake records related to COVID-19 because Phone Number data lacks a digital signature...
CVE-2024-51578
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Luca Paggetti 3D Presentation allows Stored XSS.This issue affects 3D Presentation: from n/a through 1.0...
CVE-2024-51578
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lpagg 3D Presentation 3d-presentation allows Stored XSS.This issue affects 3D Presentation: from n/a through = 1.0...
CVE-2024-51578 WordPress 3D Presentation plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in lpagg 3D Presentation 3d-presentation allows Stored XSS.This issue affects 3D Presentation: from n/a through = 1.0...
CVE-2024-51578
CVE-2024-51578 is a stored Cross-Site Scripting vulnerability in the WordPress plugin 3D Presentation , affecting versions up to 1.0 (version range listed as n/a through 1.0). The issue arises from improper input handling during web-page generation, enabling stored XSS as described in multiple so...
PT-2024-34721 · Unknown · Luca Paggetti 3D Presentation
Name of the Vulnerable Software and Affected Versions: Luca Paggetti 3D Presentation versions n/a through 1.0 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This problem allows Stored XSS, which means an...
CVE-2024-2179
Concrete CMS version 9 before 9.2.7 is vulnerable to Stored XSS via the Name field of a Group type since there is insufficient validation of administrator provided data for that field. A rogue administrator could inject malicious code into the Name field which might be executed when users visit t...
CVE-2021-33838
Luca through 1.7.4 on Android allows remote attackers to obtain sensitive information about COVID-19 tracking because requests related to Check-In State occur shortly after requests for Phone Number Registration...
CVE-2021-33840
The server in Luca through 1.1.14 allows remote attackers to cause a denial of service insertion of many fake records related to COVID-19 because Phone Number data lacks a digital signature...
CVE-2021-33838
Luca through 1.7.4 on Android allows remote attackers to obtain sensitive information about COVID-19 tracking because requests related to Check-In State occur shortly after requests for Phone Number Registration...
CVE-2021-33838
Luca through 1.7.4 on Android allows remote attackers to obtain sensitive information about COVID-19 tracking because requests related to Check-In State occur shortly after requests for Phone Number Registration...
CVE-2021-33838
The CVE-2021-33838 issue affects Luca app on Android (versions 1.7.4 and earlier). The root cause is a sequence where requests related to Check-In State occur shortly after Phone Number Registration, enabling remote attackers to obtain sensitive COVID-19 tracking information. Impact is described ...
CVE-2021-33839
CVE-2021-33839 affects Luca for Android up to version 1.7.4. The root cause is the QR code handling that can confuse a Public Location QR with a Private Meeting QR, enabling remote attackers to obtain sensitive COVID-19 tracking information. Impact: confidentiality at HIGH (C in CVSS3.1), exploit...
CVE-2021-33840
The CVE-2021-33840 issue affects Luca app up to v1.1.14, where Phone Number data is stored without a digital signature. This enables remote attackers to insert many fake COVID-19 records, causing a denial of service. Public documents confirm the vulnerability, its impact (DoS from mass fake recor...
CVE-2021-33840
The server in Luca through 1.1.14 allows remote attackers to cause a denial of service insertion of many fake records related to COVID-19 because Phone Number data lacks a digital signature...
Gtlab luca 数据伪造问题漏洞
Gtlab luca is a Gtlab open source application. A secure and encrypted exchange of contact information. A data forgery issue vulnerability exists in Luca version 1.1.14, which can be exploited by remote attackers to cause a denial of service due to a lack of digital signatures for phone number dat...
Luca 信息泄露漏洞
Gtlab luca is a Gtlab open source application. A secure and encrypted exchange of contact information. A security vulnerability exists in Luca, which originated from a vulnerability that can be exploited by a remote attacker to obtain sensitive information about COVID-19 tracking...