EUVD-2024-45584

Malicious code in bioql PyPI...

CVE-2024-51649

Cross-Site Request Forgery CSRF vulnerability in Patrick Lumumba Mobilize mobilize allows Stored XSS.This issue affects Mobilize: from n/a through = 3.0.7...

CVE-2024-51649

Cross-Site Request Forgery CSRF vulnerability in Patrick Lumumba Mobilize mobilize allows Stored XSS.This issue affects Mobilize: from n/a through = 3.0.7...

CVE-2024-51649 WordPress Mobilize plugin <= 3.0.7 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Patrick Lumumba Mobilize mobilize allows Stored XSS.This issue affects Mobilize: from n/a through = 3.0.7...

CVE-2024-51649 WordPress Mobilize plugin <= 3.0.7 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Patrick Lumumba Mobilize mobilize allows Stored XSS.This issue affects Mobilize: from n/a through = 3.0.7...

CVE-2024-51649

The CVE CVE-2024-51649 affects the WordPress Mobilize plugin and describes a Cross-Site Request Forgery (CSRF) flaw that enables Stored XSS. Affected version range is Mobilize up to 3.0.7 (and earlier). The connected sources consistently state CSRF leading to stored XSS, but none of the documents...

PT-2024-34793 · Mobilize · Mobilize

Name of the Vulnerable Software and Affected Versions: Mobilize versions 3.0.7 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability that allows Stored XSS. This means an attacker can trick a user into performing unintended actions on a web application, and also...

WordPress plugin Mobilize 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

WordPress Mobilize plugin <= 3.0.7 - CSRF to Stored Cross Site Scripting (XSS) vulnerability

CSRF to Stored Cross Site Scripting XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Mobilize versions = 3.0.7...

WordPress Mobilize Plugin <= 3.0.7 is vulnerable to Cross Site Request Forgery (CSRF)

Software Mobilize Type Plugin Vulnerable versions = 3.0.7 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-51649 Patch priority Low CVSS severity Low 7.1 Developer Claim ownership PSID 686b496076f9 Credits SOPROBRO Required privilege...

Cisco IOS and Cisco IOS XE ntp Subsystem Unauthorized Access Vulnerability

A vulnerability in the ntp subsystem of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to mobilize ntp associations. The vulnerability is due to missing authorization checks on certain ntp packets. An attacker could exploit this vulnerability by ingressing...

ntp security update

4.2.6p5-2 - don't generate weak control key for resolver CVE-2014-9293 - don't generate weak MD5 keys in ntp-keygen CVE-2014-9294 - fix buffer overflows via specially-crafted packets CVE-2014-9295 - don't mobilize passive association when authentication fails CVE-2014-9296...

Mozilla, EFF Help Launch Internet Defense League, a Bat Signal for the Internet

A group of civil-liberties organizations, software companies and popular Web sites are launching a new effort called the Internet Defense League that aims to “help Internet users, organizations, and companies fight back whenever online rights are threatened.” Inspired by the collaborative fight...