EUVD-2025-144229

Malicious code in verts-otimo-nag npm...

Malicious code in verts-otimo-nag (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a776e7fe244c77d7d2e9754e18a8c80db142295aa305464d11ca67dc2accc596 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD-2008-7178

Malware in sbrugna...

EUVD-2005-4186

Malware in sbrugna...

EUVD-2005-1325

Malware in sbrugna...

CVE-2024-7412

The No Update Nag plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.4.12. This is due to the plugin allowing direct access to the bootstrap.php file which has displayerrors on. This makes it possible for unauthenticated attackers to retrieve the fu...

WordPress plugin No Update Nag 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVE-2024-7412 No Update Nag <= 1.4.12 - Unauthenticated Full Path Disclosure

The No Update Nag plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 1.4.12. This is due to the plugin allowing direct access to the bootstrap.php file which has displayerrors on. This makes it possible for unauthenticated attackers to retrieve the fu...

WordPress No Update Nag plugin <= 1.4.12 - Unauthenticated Full Path Disclosure vulnerability

Unauthenticated Full Path Disclosure vulnerability discovered by stealthcopter in WordPress Plugin No Update Nag versions = 1.4.12...

WordPress No Update Nag Plugin <= 1.4.12 is vulnerable to Sensitive Data Exposure

Software No Update Nag Type Plugin Vulnerable versions = 1.4.12 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2024-7412 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID ac9e40d53a9f Credits stealthcopter Required...

SUSE CVE-2005-4190

Multiple cross-site scripting XSS vulnerabilities in Horde Application Framework before 3.0.8 allow remote authenticated users to inject arbitrary web script or HTML via multiple vectors, as demonstrated by 1 the identity field, 2 Category and 3 Label search fields, 4 the Mobile Phone field, and ...

SUSE CVE-2008-7218

Unspecified vulnerability in the Horde API in Horde 3.1 before 3.1.6 and 3.2 before 3.2 before 3.2-RC2; Turba H3 2.1 before 2.1.6 and 2.2 before 2.2-RC2; Kronolith H3 2.1 before 2.1.7 and H3 2.2 before 2.2-RC2; Nag H3 2.1 before 2.1.4 and 2.2 before 2.2-RC2; Mnemo H3 2.1 before 2.1.2 and 2.2 befo...

nag-history.de Cross Site Scripting vulnerability OBB-2646290

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Fedora Update for php-horde-nag FEDORA-2018-8ab75bcc08

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 28 : php-horde-nag (2018-8dfeb06ce9)

nag 4.2.19 - mjr SECURITY: Fix multiple XSS vulnerabilities when displaying and filtering task lists. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much...

Fedora 29 : php-horde-nag (2018-8ab75bcc08)

nag 4.2.19 - mjr SECURITY: Fix multiple XSS vulnerabilities when displaying and filtering task lists. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much...

[SECURITY] Fedora 29 Update: php-horde-nag-4.2.19-1.fc29

Nag is a web-based application built upon the Horde Application Framework which provides a simple, clean interface for managing online task lists i.e., todo lists. It also includes strong integration with the other Horde applications and allows users to share task lists or enable light-weight...

Fedora Update for php-horde-nag FEDORA-2018-8dfeb06ce9

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora Update for php-horde-nag FEDORA-2018-113c354377

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 27 : php-horde-nag (2018-113c354377)

nag 4.2.19 - mjr SECURITY: Fix multiple XSS vulnerabilities when displaying and filtering task lists. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much...