Lucene search
K

46 matches found

Patchstack
Patchstack
added 2024/10/25 8:12 a.m.4 views

WordPress Multi Purpose Mail Form plugin <= 1.0.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Bonds Patchstack Alliance in WordPress Plugin Multi Purpose Mail Form versions = 1.0.2...

10CVSS7AI score0.00496EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/10/25 12:0 a.m.18 views

WordPress Multi Purpose Mail Form Plugin <= 1.0.2 is vulnerable to Arbitrary File Upload

Software Multi Purpose Mail Form Type Plugin Vulnerable versions = 1.0.2 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-50484 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 3feda20596e4 Credits Bonds Required privilege...

10CVSS7.2AI score0.00496EPSS
Exploits0References1Affected Software1
Exploit DB
Exploit DB
added 2024/05/04 12:0 a.m.333 views

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 - Device Config Disclosure

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Device Config Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.0.0 Revision 7304 1.0.0 Revision 7284 1.0.0 Revision 6505 1.0.0 Revision 6332 1.0.0 Revision 6258 XS2DAB v1.50 rev 6267 Summary: Cleber offers a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2024/04/18 12:0 a.m.283 views

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 1.0.0 Revision 7304 1.0.0 Revision 7284 1.0.0 Revision 6505 1.0.0 Revision 6332 1.0.0 Revision 6258 XS2DAB v1.50 rev 6267 Summary: Cleber offer...

7.4AI score
Exploits0
Zero Science Lab
Zero Science Lab
added 2024/04/17 12:0 a.m.311 views

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Device Config

Summary Cleber offers a powerful, flexible and modular hardware and software platform for broadcasting and contribution networks where customers can install up to six boards with no limitations in terms of position or number. Based on a Linux embedded OS, it detects the presence of the boards and...

5.7AI score
Exploits0
NVD
NVD
added 2024/02/12 8:15 a.m.23 views

CVE-2024-24926

Deserialization of Untrusted Data vulnerability in UnitedThemes Brooklyn | Creative Multi-Purpose Responsive WordPress Theme.This issue affects Brooklyn | Creative Multi-Purpose Responsive WordPress Theme: from n/a through 4.9.7.6...

8.8CVSS7.6AI score0.01089EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/12 7:9 a.m.34 views

CVE-2024-24926 WordPress Brooklyn Theme <= 4.9.7.6 is vulnerable to PHP Object Injection

Deserialization of Untrusted Data vulnerability in UnitedThemes Brooklyn | Creative Multi-Purpose Responsive WordPress Theme.This issue affects Brooklyn | Creative Multi-Purpose Responsive WordPress Theme: from n/a through 4.9.7.6...

7.5CVSS7.7AI score0.01089EPSS
Exploits0References1
CVE
CVE
added 2024/02/12 7:9 a.m.95 views

CVE-2024-24926

CVE-2024-24926 describes a deserialization of untrusted data vulnerability in UnitedThemes Brooklyn Theme (WordPress Brooklyn) up to version 4.9.7.6. The connected documents specify a PHP object injection/deserialization flaw as the root cause and list the affected software as the Brooklyn Theme,...

8.8CVSS7.8AI score0.01089EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/02/12 6:7 a.m.85 views

CVE-2024-24927

CVE-2024-24927 affects UnitedThemes Brooklyn – a WordPress theme – with a Reflected XSS caused by improper input neutralization during web page generation. Affected versions are listed as up to 4.9.7.6 (n/a). Multiple sources corroborate the basic vulnerability description, including Red Hat, NVD...

7.1CVSS7.1AI score0.00331EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2023/11/30 5:15 p.m.24 views

CVE-2023-38400

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kriesi Enfold - Responsive Multi-Purpose Theme allows Reflected XSS.This issue affects Enfold - Responsive Multi-Purpose Theme: from n/a through 5.6.4...

7.1CVSS0.00403EPSS
Exploits0References1
Prion
Prion
added 2023/11/30 5:15 p.m.17 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kriesi Enfold - Responsive Multi-Purpose Theme allows Reflected XSS.This issue affects Enfold - Responsive Multi-Purpose Theme: from n/a through 5.6.4...

5.8CVSS7.1AI score0.00403EPSS
Exploits0References1Affected Software1
Fedora
Fedora
added 2022/07/04 1:35 a.m.30 views

[SECURITY] Fedora 36 Update: dnsx-1.1.0-3.fc36

Dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers...

9.3CVSS8.8AI score0.05994EPSS
Exploits4
The Hacker News
The Hacker News
added 2022/01/25 12:12 p.m.16 views

TrickBot Malware Using New Techniques to Evade Web Injection Attacks

The cybercrime operators behind the notorious TrickBot malware have once again upped the ante by fine-tuning its techniques by adding multiple layers of defense to slip past antimalware products. "As part of that escalation, malware injections have been fitted with added protection to keep...

0.3AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2021/12/09 6:0 p.m.24 views

A closer look at Qakbot’s latest building blocks (and how to knock them down)

Multiple Qakbot campaigns that are active at any given time prove that the decade-old malware continues to be many attackers’ tool of choice, a customizable chameleon that adapts to suit the needs of the multiple threat actor groups that utilize it. Since emerging in 2007 as a banking Trojan,...

Exploits0
GithubExploit
GithubExploit
added 2020/07/06 2:21 a.m.123 views

Exploit for Path Traversal in F5 Big-Ip_Access_Policy_Manager

RCE-CVE-2020-5902 BIG-IP F5 Remote Code Execution Descripti...

10CVSS8.3AI score0.99999EPSS
Exploits60
Talos Blog
Talos Blog
added 2020/02/21 10:43 a.m.466 views

Threat Roundup for February 14 to February 21

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Feb. 14 and Feb. 21. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

10CVSS10AI score0.99999EPSS
Exploits123
Packet Storm
Packet Storm
added 2019/02/25 12:0 a.m.62 views

WordPress NativeChurch Multi-Purpose 5.0.x File Download

Exploit Title : WordPress NativeChurch Multi-Purpose Themes 5.0.x Arbitrary File Download Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 26/02/2019 Vendor Homepage : themeforest.net Software Information Link :...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2019/02/08 12:32 p.m.1018 views

Process Hacker - A Free, Powerful, Multi-Purpose Tool That Helps You Monitor System Resources, Debug Software And Detect Malware

A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. System requirements Windows 7 or higher, 32-bit or 64-bit. Features A detailed overview of system activity with highlighting. Graphs and statistics allow you quickly to track down...

7.1AI score
Exploits0References2
Kitploit
Kitploit
added 2018/12/11 11:39 a.m.79 views

DevAudit - Open-source, Cross-Platform, Multi-Purpose Security Auditing Tool

DevAudit is an open-source, cross-platform, multi-purpose security auditing tool targeted at developers and teams adopting DevOps and DevSecOps that detects security vulnerabilities at multiple levels of the solution stack. DevAudit provides a wide array of auditing capabilities that automate...

7.5AI score
Exploits0References30
Gentoo Linux
Gentoo Linux
added 2017/07/08 12:0 a.m.73 views

Game Music Emu: Multiple vulnerabilities

Background Game Music Emu is a multi-purpose console music emulator and player library. Description Multiple vulnerabilities have been discovered in Game Music Emu. Please review the CVE identifiers referenced below for details. Impact A remote attacker could entice a user to open a specially...

10CVSS3.9AI score0.04364EPSS
Exploits5
Rows per page
Query Builder