15 matches found
WWBN AVideo 安全漏洞
WWBN AVideo is a video platform building system written in PHP, developed by the WWBN team. Versions of WWBN AVideo prior to 29.0 contained security vulnerabilities. These vulnerabilities stemmed from the lack of verification of user ownership in the plugin/PayPalYPT/agreementCancel.json.php file...
WordPress Subscriptions & Memberships for PayPal plugin <= 1.1.7 - Unauthenticated Fake Payment Creation vulnerability
Unauthenticated Fake Payment Creation vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin Subscriptions & Memberships for PayPal versions = 1.1.7...
CVE-2025-66107
Missing Authorization vulnerability in Scott Paterson Subscriptions & Memberships for PayPal subscriptions-memberships-for-paypal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Subscriptions & Memberships for PayPal: from n/a through = 1.1.7...
EUVD-2025-198535
The Subscriptions & Memberships for PayPal plugin for WordPress is vulnerable to fake payment creation in all versions up to, and including, 1.1.7. This is due to the plugin not properly verifying the authenticity of an IPN request. This makes it possible for unauthenticated attackers to create...
CVE-2025-12752
The Subscriptions & Memberships for PayPal plugin for WordPress is vulnerable to fake payment creation in all versions up to, and including, 1.1.7. This is due to the plugin not properly verifying the authenticity of an IPN request. This makes it possible for unauthenticated attackers to create...
CVE-2025-12752
CVE-2025-12752 is a vulnerability in the WordPress plugin “Subscriptions & Memberships for PayPal” (versions up to 1.1.7) caused by insufficient IPN request verification. This allows unauthenticated attackers to create fake payment entries that did not occur. Public sources in the Connected Docum...
CVE-2025-12752 Subscriptions & Memberships for PayPal <= 1.1.7 - Unauthenticated Fake Payment Creation
The Subscriptions & Memberships for PayPal plugin for WordPress is vulnerable to fake payment creation in all versions up to, and including, 1.1.7. This is due to the plugin not properly verifying the authenticity of an IPN request. This makes it possible for unauthenticated attackers to create...
CVE-2025-66107
Missing Authorization vulnerability in Scott Paterson Subscriptions & Memberships for PayPal subscriptions-memberships-for-paypal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Subscriptions & Memberships for PayPal: from n/a through = 1.1.7...
CVE-2025-66107 WordPress Subscriptions & Memberships for PayPal plugin <= 1.1.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in Scott Paterson Subscriptions & Memberships for PayPal subscriptions-memberships-for-paypal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Subscriptions & Memberships for PayPal: from n/a through = 1.1.7...
Kubernetes: KOPS documentation references domains which were not registered
Summary: While researching the kubernetes documentation, I found that the KOPS project's Route53 configuration references dangling DNS servers. I was able to register 3 / 4 of these domain names. I was also able to verify that some companies have been using this configuration, making them...
PhpHostBot <= 1.06 (svr_rootscript) Remote File Inclusion Vulnerability
No description provided by source. \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV83$2007 ----------------------------------------------------------------------------------------- ECHOADV83$2007 PhpHostBot = 1.06 svrrootscript Remote File Inclusion...
[ECHO_ADV_83$2007] PhpHostBot <= 1.06 (svr_rootscript) Remote File Inclusion Vulnerability
ECHOADV83$2007 ----------------------------------------------------------------------------------------- ECHOADV83$2007 PhpHostBot = 1.06 svrrootscript Remote File Inclusion Vulnerability ----------------------------------------------------------------------------------------- Author : M.Hasran...
adv83-K-159-2007.txt
ECHOADV83$2007 ----------------------------------------------------------------------------------------- ECHOADV83$2007 PhpHostBot = 1.06 svrrootscript Remote File Inclusion Vulnerability ----------------------------------------------------------------------------------------- Author : M.Hasran...
PhpHostBot 1.06 - svr_rootscript Remote File Inclusion
PhpHostBot 1.06 - svrrootscript Remote File Inclusion \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV83$2007 ----------------------------------------------------------------------------------------- ECHOADV83$2007 PhpHostBot = 1.06 svrrootscript Remote...
PhpHostBot 1.06 - 'svr_rootscript' Remote File Inclusion
\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV83$2007 ----------------------------------------------------------------------------------------- ECHOADV83$2007 PhpHostBot = 1.06 svrrootscript Remote File Inclusion Vulnerability...