12 matches found
EUVD-2026-15617
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in stmcan NaturaLife Extensions naturalife-extensions allows PHP Local File Inclusion.This issue affects NaturaLife Extensions: from n/a through = 2.1...
CVE-2026-25017
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in stmcan NaturaLife Extensions naturalife-extensions allows PHP Local File Inclusion.This issue affects NaturaLife Extensions: from n/a through = 2.1...
CVE-2026-25017
The CVE pertains to a Local File Inclusion in the WordPress NaturaLife Extensions plugin (versions n/a through 2.1) caused by improper control of filename handling in PHP Include/Require statements. Affected component: NaturaLife Extensions WordPress plugin; vulnerability type: PHP Local File Inc...
WordPress plugin NaturaLife Extensions 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
natura-edizioni.it Cross Site Scripting vulnerability OBB-3523965
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
compra.natura.bilheteria.com.br Cross Site Scripting vulnerability OBB-2825593
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
api.natura.bilheteria.com.br Cross Site Scripting vulnerability OBB-2825591
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
natura.site123.me Cross Site Scripting vulnerability OBB-1478201
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
natura-heilpraxis.de Cross Site Scripting vulnerability OBB-1338197
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Cosmetic giant Natura leaks data again; this time 19 million Avon records
By Deeba Ahmed Avon Products, Inc. is owned Brazil's Natura & Co. which itself... This is a post from HackRead.com Read the original post: Cosmetic giant Natura leaks data again; this time 19 million Avon records...
Brazil’s cosmetic giant Natura leaked 192 million records with payment data
By Waqas It's a massive security failure by The Natura & Co Group. This is a post from HackRead.com Read the original post: Brazil's cosmetic giant Natura leaked 192 million records with payment data...
Brazil's Biggest Cosmetic Brand Natura Exposes Personal Details of Its Users
Brazil's biggest cosmetics company Natura accidentally left hundreds of gigabytes of its customers' personal and payment-related information publicly accessible online that could have been accessed by anyone without authentication. SafetyDetective researcher Anurag Sen last month discovered two...