Lucene search
+L

7 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:13 a.m.5 views

CVE-2023-52176

Authentication Bypass by Spoofing vulnerability in miniorange Malware Scanner allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Malware Scanner: from n/a through 4.7.1...

5.3CVSS6.9AI score0.00403EPSS
Exploits0References1
OSV
OSV
added 2024/02/28 1:15 p.m.4 views

CVE-2024-25902

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in miniorange Malware Scanner.This issue affects Malware Scanner: from n/a through 4.7.2...

7.2CVSS7.3AI score0.00541EPSS
Exploits0References1
NVD
NVD
added 2024/02/28 1:15 p.m.23 views

CVE-2024-25902

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in miniorange Malware Scanner.This issue affects Malware Scanner: from n/a through 4.7.2...

7.6CVSS7.9AI score0.00541EPSS
Exploits0References1
Prion
Prion
added 2024/02/28 1:15 p.m.35 views

Sql injection

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in miniorange Malware Scanner.This issue affects Malware Scanner: from n/a through 4.7.2...

4.7CVSS8AI score0.00541EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/02/28 12:0 a.m.8 views

PT-2024-21193 · Miniorange · Miniorange Malware Scanner

Name of the Vulnerable Software and Affected Versions: miniorange Malware Scanner versions through 4.7.2 Description: The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as 'SQL Injection'. This allows for potential exploitation by injecting...

7.6CVSS8.1AI score0.00541EPSS
Exploits0References5
WPVulnDB
WPVulnDB
added 2022/06/06 12:0 a.m.16 views

miniOrange's Malware Scanner < 4.5.2 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfilteredhtml is disallowed for example in multisite setup PoC Put the following payload in the...

4.8CVSS0.3AI score0.00561EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2022/06/06 12:0 a.m.158 views

miniOrange's Malware Scanner < 4.5.2 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, leading to malicious users with administrator privileges to store malicious Javascript code leading to Cross-Site Scripting attacks when unfilteredhtml is disallowed for example in multisite setup Put the following payload in the...

4.8CVSS0.8AI score0.00561EPSS
Exploits2
Rows per page
Query Builder