34 matches found
CVE-2018-25371
mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality. Attackers can inject SQL code using boolean-based blind, time-based blind, or stacked query...
CVE-2025-69620
A path traversal in Moo Chan Song v4.5.7 allows attackers to cause a Denial of Service DoS via writing files to the internal storage...
CVE-2025-69620
A path traversal in Moo Chan Song v4.5.7 allows attackers to cause a Denial of Service DoS via writing files to the internal storage...
CVE-2025-69620
A path traversal in Moo Chan Song v4.5.7 allows attackers to cause a Denial of Service DoS via writing files to the internal storage...
EUVD-2025-206780
A path traversal in Moo Chan Song v4.5.7 allows attackers to cause a Denial of Service DoS via writing files to the internal storage...
CVE-2025-69620
A path traversal in Moo Chan Song v4.5.7 allows attackers to cause a Denial of Service DoS via writing files to the internal storage...
PT-2026-5974
Name of the Vulnerable Software and Affected Versions Moo Chan Song version 4.5.7 Description A path traversal issue exists in Moo Chan Song version 4.5.7 that can lead to a Denial of Service DoS by allowing attackers to write files to the internal storage. Recommendations Update Moo Chan Song to...
CVE-2025-69620
CVE-2025-69620 describes a path traversal in Moo Chan Song v4.5.7 that can cause a Denial of Service by writing files to internal storage. Affected software: Moo Chan Song 4.5.7. Root cause: path traversal leading to DoS. Impact: denial of service as stated. Exploitation/availability impact: avai...
CVE-2025-69620
A path traversal in Moo Chan Song v4.5.7 allows attackers to cause a Denial of Service DoS via writing files to the internal storage...
CVE-2025-69620
A path traversal in Moo Chan Song v4.5.7 allows attackers to cause a Denial of Service DoS via writing files to the internal storage...
EUVD-2010-2374
Malware in sbrugna...
EUVD-2010-2375
Malware in sbrugna...
Malicious code in @zalastax/nolb-_moo (npm)
The package @zalastax/nolb-moo was found to contain malicious code...
MAL-2025-10228 Malicious code in @zalastax/nolb-_moo (npm)
The package @zalastax/nolb-moo was found to contain malicious code...
CVE-2010-2365
Cross-site scripting XSS vulnerability in Free CGI Moo moobbs2 before 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2010-2364
Cross-site scripting XSS vulnerability in Free CGI Moo moobbs before 1.03 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
WordPress Smart Online Order for Clover plugin <= 1.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via moo_receipt_link Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via mooreceiptlink Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin Smart Online Order for Clover versions = 1.5.7...
PT-2024-39921 · WordPress · Smart Online Order For Clover
Name of the Vulnerable Software and Affected Versions: Smart Online Order for Clover plugin for WordPress versions up to, and including, 1.5.7 Description: The issue is related to Stored Cross-Site Scripting via the plugin's moo receipt link shortcode due to insufficient input sanitization and...
CVE-2023-43323
mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - messageText, datawallphoto, datauserShareVideo and datauserShareLink...
Cacti, Realtek, and IBM Aspera Faspex Vulnerabilities Under Active Exploitation
Critical security flaws in Cacti, Realtek, and IBM Aspera Faspex are being exploited by various threat actors in hacks targeting unpatched systems. This entails the abuse of CVE-2022-46169 CVSS score: 9.8 and CVE-2021-35394 CVSS score: 9.8 to deliver MooBot and ShellBot aka PerlBot, Fortinet...