22 matches found
EUVD-2005-2467
Malware in sbrugna...
EUVD-2022-25118
Malicious code in bioql PyPI...
CVE-2022-1842
The OpenBook Book Data WordPress plugin through 3.5.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well...
WordPress OpenBook Book Data plugin cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress OpenBook Book Data plugin version 3.5.2 and earlier versions are vulnerable to cross-site request...
CVE-2022-1842
The OpenBook Book Data WordPress plugin through 3.5.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well...
CVE-2022-1842
The OpenBook Book Data WordPress plugin through 3.5.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well...
CVE-2022-1842
The OpenBook Book Data WordPress plugin through 3.5.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well...
Cross site scripting
The OpenBook Book Data WordPress plugin through 3.5.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well...
CVE-2022-1842 OpenBook Book Data <= 3.5.2 - Arbitrary Settings Update to Stored XSS via CSRF
The OpenBook Book Data WordPress plugin through 3.5.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well...
CVE-2022-1842
CVE-2022-1842 affects the WordPress OpenBook Book Data plugin (versions
WordPress plugin OpenBook Book Data cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress OpenBook Book Data plugin version 3.5.2 and earlier versions are vulnerable to cross-site request...
OpenBook Book Data <= 3.5.2 - Arbitrary Settings Update to Stored XSS via CSRF
The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well input type="text" name="action"...
WordPress OpenBook Book Data plugin <= 3.5.2 - Arbitrary Settings Update to Stored XSS via CSRF vulnerability
Arbitrary Settings Update to Stored XSS via CSRF vulnerability discovered by Daniel Ruf in WordPress OpenBook Book Data plugin versions <= 3.5.2. Solution: Deactivate and delete. This plugin has been closed as of May 24, 2022 and is not available for download. This closure is temporary, pending a...
OpenBook Book Data <= 3.5.2 - Arbitrary Settings Update to Stored XSS via CSRF
The plugin does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and lead to Stored Cross-Site Scripting due to the lack of sanitisation and escaping as well PoC...
OpenBook 1.2.2 Admin.PHP SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/14444/info OpenBook is prone to an SQL injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input before using it in an SQL query. Successful exploitation could...
CVE-2005-2466
Multiple SQL injection vulnerabilities in the auth_user function in admin.php in OpenBook 1.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter...
CVE-2005-2466
OpenBook 1.2.2 is affected by multiple SQL injection vulnerabilities in the auth_user function of admin.php, allowing remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter. The vulnerability is detailed in CVE-2005-2466 with a NVD base score of 6.4 (MED...
CVE-2005-2466
Multiple SQL injection vulnerabilities in the auth_user function in admin.php in OpenBook 1.2.2 allow remote attackers to execute arbitrary SQL commands via the (1) username or (2) password parameter...
[SVadvisory] - SQL injection in OpenBook 1.2.2
SVadvisory12 Title: SQL injection Product: OpenBook Version: 1.2.2 Site: http://openbook.sourceforge.net/ Vulnerabilities Code: function authuser$userid, $password global $HTTPPOSTVARS; global $admintable; $userid=$HTTPPOSTVARS'userid'; $password=$HTTPPOSTVARS'password'; dbconnect; $query="SELECT...
PHPList Vulnerability
SVadvisory12 Title: SQL injection Product: OpenBook Version: 1.2.2 Site: http://openbook.sourceforge.net/ Vulnerabilities Code: function authuser$userid, $password global $HTTPPOSTVARS; global $admintable; $userid=$HTTPPOSTVARS'userid'; $password=$HTTPPOSTVARS'password'; dbconnect; $query="SELECT...