Lucene search
K

239 matches found

ossfuzz
ossfuzz
added 2020/07/12 8:9 p.m.16 views

minify:minify-number-fuzzer: Crash with empty stacktrace

Detailed Report: https://oss-fuzz.com/testcase?key=5729119573377024 Project: minify Fuzzing Engine: libFuzzer Fuzz Target: minify-number-fuzzer Job Type: libfuzzerasanminify Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x00000000772e Crash State: NULL Sanitizer: address ASAN...

6.8AI score
Exploits0Affected Software1
ossfuzz
ossfuzz
added 2020/06/09 1:25 p.m.13 views

minify:minify-json-fuzzer: Crash with empty stacktrace

Detailed Report: https://oss-fuzz.com/testcase?key=4834688064815104 Project: minify Fuzzing Engine: libFuzzer Fuzz Target: minify-json-fuzzer Job Type: libfuzzerasanminify Platform Id: linux Crash Type: UNKNOWN READ Crash Address: 0x00000893987e Crash State: NULL Sanitizer: address ASAN Recommend...

6.8AI score
Exploits0Affected Software1
Akamai Blog
Akamai Blog
added 2020/03/25 11:30 a.m.37 views

Accelerate SVG Delivery with Ion (A2)

As of March 2020, all Akamai Ion customers will benefit automatically from the more powerful Brotli/Zopfli compression algorithm for delivering their SVG files. The benefit of fewer SVG bytes is a positive impact on your visual performance KPIs First Meaningful Paint, Time to Visually Ready,...

7AI score
Exploits0
WPVulnDB
WPVulnDB
added 2020/02/05 12:0 a.m.10 views

Merge + Minify + Refresh < 1.10.7 - Authenticated Arbitrary File Delete

The plugin relied on the isadmin check, without checking the user's capabilities, when deleting arbitrary files. The functionality was also vulnerable to Cross-site Request Forgery CSRF allowing attackers to delete arbitrary files by tricking authenticated users into visiting a page they...

4.7AI score
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2020/01/29 12:0 a.m.17 views

WordPress Merge + Minify + Refresh plugin <= 1.10.6 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by NinTechNet in WordPress Merge + Minify + Refresh plugin versions = 1.10.6. Solution Update the WordPress Merge + Minify + Refresh plugin to the latest available version at least 1.10.7...

3.1AI score
Exploits0References2Affected Software1
NVD
NVD
added 2019/12/26 3:15 a.m.17 views

CVE-2019-19983

In the WordPress plugin, Fast Velocity Minify before 2.7.7, the full web root path to the running WordPress application can be discovered. In order to exploit this vulnerability, FVM Debug Mode needs to be enabled and an admin-ajax request needs to call the fastvelocityminfiles action...

4.3CVSS4.7AI score0.01161EPSS
Exploits1References2
Prion
Prion
added 2019/12/26 3:15 a.m.14 views

Design/Logic Flaw

In the WordPress plugin, Fast Velocity Minify before 2.7.7, the full web root path to the running WordPress application can be discovered. In order to exploit this vulnerability, FVM Debug Mode needs to be enabled and an admin-ajax request needs to call the fastvelocityminfiles action...

3.5CVSS4.7AI score0.01161EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2019/12/26 2:25 a.m.26 views

CVE-2019-19983

In the WordPress plugin, Fast Velocity Minify before 2.7.7, the full web root path to the running WordPress application can be discovered. In order to exploit this vulnerability, FVM Debug Mode needs to be enabled and an admin-ajax request needs to call the fastvelocityminfiles action...

4.3CVSS4.7AI score0.01161EPSS
Exploits1References2
CVE
CVE
added 2019/12/26 2:25 a.m.84 views

CVE-2019-19983

The CVE-2019-19983 vulnerability affects the WordPress plugin Fast Velocity Minify (before 2.7.7). The issue arises from the plugin exposing the full web root path of the WordPress installation, enabling an attacker to discover sensitive filesystem information when FVM Debug Mode is enabled and a...

4.3CVSS4.7AI score0.01161EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2019/12/26 12:0 a.m.2 views

Fast Velocity Minify Full Path Leakage Vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site.Fast Velocity Minify is used in which an open source page content fast loading plugin . A security vulnerability exists in...

4.3CVSS6.4AI score0.01161EPSS
Exploits1References1
WPVulnDB
WPVulnDB
added 2019/10/16 12:0 a.m.16 views

Fast Velocity Minify < 2.7.7 - Full Path Disclosure

The Fast Velocity Minify WordPress plugin was affected by a Full Path Disclosure security vulnerability...

3.5CVSS1.6AI score0.01161EPSS
Exploits1References1Affected Software1
Kitploit
Kitploit
added 2014/05/08 2:0 a.m.34 views

Acunetix Web Vulnerability Scanner Version 9 - Web Application Security Testing Tool

Acunetix W eb V ulnerability S canner WVS is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive...

7.9AI score
Exploits0
securityvulns
securityvulns
added 2012/04/09 12:0 a.m.90 views

Minify and related plugins DOM-Based XSS Vulnerability

+-------------------------------------------------------------------------------------------+ Title : Minify and related plugins DOM-Based XSS Vulnerability Version : 2.1.3 & 2.1.4-Beta Credit : Ayoub Aboukir, Independent Security Researcher Contact : ay.aboukir at gmail d0t com Software Link :...

Exploits0
Packet Storm
Packet Storm
added 2012/03/21 12:0 a.m.47 views

Minify 2.1.3 Cross Site Scripting

+-------------------------------------------------------------------------------------------+ Title : Minify and related plugins DOM-Based XSS Vulnerability Version : 2.1.3 & 2.1.4-Beta Credit : Ayoub Aboukir, Independent Security Researcher Contact : Software Link :...

0.1AI score
Exploits0
exploitpack
exploitpack
added 2012/03/21 12:0 a.m.8 views

Minify 2.1.x - g Cross-Site Scripting

Minify 2.1.x - g Cross-Site Scripting source: https://www.securityfocus.com/bid/52672/info Minify is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecti...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2012/03/21 12:0 a.m.26 views

Minify 2.1.x - &#039;g&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/52672/info Minify is prone to a cross-site scripting vulnerability because it fails to sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...

7.4AI score
Exploits0
NVD
NVD
added 2011/09/24 12:55 a.m.16 views

CVE-2011-3812

Vanilla 2.0.16 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/Minify/min/utils.php and certain other files...

5CVSS6.1AI score0.01229EPSS
Exploits0References3
Prion
Prion
added 2011/09/24 12:55 a.m.12 views

Information disclosure

Vanilla 2.0.16 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/Minify/min/utils.php and certain other files...

5CVSS6.7AI score0.01229EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2011/09/24 12:0 a.m.20 views

CVE-2011-3812

Vanilla 2.0.16 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by plugins/Minify/min/utils.php and certain other files...

6.1AI score0.01229EPSS
Exploits0References3
Rows per page
Query Builder