EUVD-2018-5325
Malware in sbrugna...
Liferay Portal 7.4.x < 7.4.3.133 Cross-Site Scripting
Liferay Portal versions 7.4.x prior to 7.4.3.133 and DXP versions prior to 2024.Q1.16 or 2025.Q1.x prior to 2025.Q1.5 or 2025.Q2.x prior to 2025.Q2.0 are affected by a Cross-Site Scripting allowing a remote non-authenticated attacker to inject JavaScript into the...
CVE-2021-44534
Insufficient user input filtering leads to arbitrary file read by non-authenticated attacker, which results in sensitive information disclosure...
GHSA-P2F8-VQ4R-GQG3 Liferay Portal Reflected XSS in marketplace-app-manager-web
A reflected cross-site scripting (XSS) vulnerability in Liferay Portal 7.4.0 through 7.4.3.131, and Liferay DXP 2024.Q4.0 through 2024.Q4.5, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.12, 7.4 GA through update 92 allows a remote non-authenticated...
CVE-2025-36625
In Nessus versions prior to 10.8.4, a non-authenticated attacker could alter Nessus logging entries by manipulating HTTP requests to the application...
CVE-2025-36625 Log Poisoning in Nessus
In Nessus versions prior to 10.8.4, a non-authenticated attacker could alter Nessus logging entries by manipulating HTTP requests to the application...
CVE-2024-30619
Chamilo LMS Version 1.11.26 is vulnerable to Incorrect Access Control. A non-authenticated attacker can request the number of messages and the number of online users via "/main/inc/ajax/message.ajax.php?a=getcountmessage" and "/main/inc/ajax/online.ajax.php?a=getusersonline."...
ExpressionEngine: Non-authenticated path traversal leading to arbitrary file read
Non-authenticated path traversal leading to arbitrary file read. Insufficient user input filtering resulted in arbitrary file read by non-authenticated attacker, leading to sensitive information disclosure...
Protect
Failure to properly parse message payloads in the SSL VPN portal of FortiOS may allow a non-authenticated attacker to perform a Denial of Service attack via exploiting a buffer overflow...
WordPress LoginWall Plugin Remote File Inclusion
A Remote File Inclusion vulnerability exists in WordPress LoginWall Plugin. Successful exploitation of this vulnerability would allow a non-authenticated attacker to include remote files and execute arbitrary code on the vulnerable system...
WordPress Slider Revolution Plugin Remote File Inclusion
A Remote File Inclusion vulnerability exists in WordPress Slider Revolution Plugin. Successful exploitation of this vulnerability would allow a non-authenticated attacker to include remote files and execute arbitrary code on the vulnerable system...
VMware Update Manager Directory Traversal
DSECRG-11-042 VMware Update Manager - Directory Traversal. Application: VMware Update Manager; Versions Affected: vCenter Update Manager 4.1 prior to Update 2, vCenter Update Manager 4.0 prior to Update 4; Vendor URL: http://vmware.com; Bugs: Directory Traversal File Read; CVE: CVE-2011-4404; CVSS2: 7....
VMware Update Manager Directory Traversal
Exploit for Windows platform in category remote exploits. Exploit Title: VMware Update Manager Directory Traversal; Date: 18/11/2011; Author: Alexey Sintsov; Software Link: http://www.vmware.com/; Version: 2.0.2; Tested on: Windows 2003 / vCenter Update Manager 4.1 U1; CVE: CVE-2011-4404; DSECRG-11-042...