[SECURITY] Fedora 43 Update: nginx-mod-vts-0.2.4-9.fc43

Nginx virtual host traffic status module...

EUVD-2019-0342

Malware in sbrugna...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an ACPI/pfrupdate module driver update version checking error...

PT-2025-34490 · Salesforce · Tableau Desktop +1

Name of the Vulnerable Software and Affected Versions: Tableau Server and Tableau Desktop versions prior to 2025.1.3 Tableau Server and Tableau Desktop versions prior to 2024.2.12 Tableau Server and Tableau Desktop versions prior to 2023.3.19 Description: A 'Type Confusion' vulnerability exists i...

CVE-2024-36679

In the module "Module Live Chat Pro All in One Messaging" livechatpro =8.4.0, a guest can perform PHP Code injection. Due to a predictable token, the method Lcp::saveTranslations suffer of a white writer that can inject PHP code into a PHP file...

CVE-2022-47762

In gin-vue-admin 2.5.5, the download module has a Path Traversal vulnerability...

CVE-2014-9024

The Protected Pages module 7.x-2.x before 7.x-2.4 for Drupal allows remote attackers to bypass the password protection via a crafted path...

CVE-2023-27844

SQL injection vulnerability found in PrestaShopleurlrewrite v.1.0 and before allow a remote attacker to gain privileges via the Dispatcher::getController component...

Regexploit - Find Regular Expressions Which Are Vulnerable To ReDoS (Regular Expression Denial Of Service)

Find regexes which are vulnerable to Regular Expression Denial of Service ReDoS. More info onthe Doyensec blog Many default regular expression parsers have unbounded worst-case complexity. Regex matching may be quick when presented with a matching input string. However, certain non-matching input...

GHSA-M852-866J-69J8 Malicious Package in eslint-config-airbnb-standard

Version 2.0.0 of eslint-config-airbnb-standard was published with a bundled version of eslint-scope that was found to contain malicious code. This code would read the users .npmrc file and send it's contents to a remote server. Recommendation The best course of action if you found this package...

Active Perl Modules Multiple Vulnerabilities (Windows)

The host is installed with Active Perl and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbactiveperlmodulesmultvulnwin.nasl 6115 2017-05-12 09:03:25Z teissa $ Active Perl Modules Multiple Vulnerabilities Windows Authors: Arun Kallavi Copyright: Copyright c 2012 Greenbone...

SA-CONTRIB-2012-164 - Smiley module and Smileys module - Cross Site Scripting (XSS)

These modules enable you to substitutes text emoticons, like :-, with images. These modules don't sufficiently sanitize user defined smiley acronyms before displaying smiley images. This vulnerability is mitigated by the fact that an attacker must have a role with the permission "administer...

PHP-Nuke Module Emporium 2.3.0 (id_catg) SQL Injection Vulnerability

Exploit for unknown platform in category web applications ==================================================================== PHP-Nuke Module Emporium 2.3.0 idcatg SQL Injection Vulnerability ==================================================================== ||| PHP-Nuke Module Emporium 2.3.0...

Intellicom 1.3 - 'NetBiterConfig.exe Hostname' Data Remote Stack Buffer Overflow (PoC)

!/usr/bin/python source: https://www.securityfocus.com/bid/37325/info Intellicom 'NetBiterConfig.exe' is prone to a remote stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to execute...

XOOPS Module WF-Snippets 1.02 (c) - Blind SQL Injection

XOOPS Module WF-Snippets 1.02 c - Blind SQL Injection XOOPS Module WF-Snippets //'=============================================================================================== //'Script Name: XOOPS Module WF-Snippets = 1.02 c BLIND SQL Injection Exploit //'Coded by : ajann //'Author : ajann...

Session fixation

The 1 Textimage 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal and the 2 Captcha 4.7.x before 4.7-1.2 and 5.x before 5.x-1.1 module for Drupal allow remote attackers to bypass the CAPTCHA test via an empty captcha element in $SESSION...

MXBB Profile Control Panel 0.91c - Module Remote File Inclusion

source: https://www.securityfocus.com/bid/21520/info The mxBB profile Control Panel module is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied data. An attacker may leverage this issue to execute arbitrary server-side script code on an affected...