CVE-2023-2757

The Waiting: One-click countdowns plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on 'saveLang' functions in versions up to, and including, 0.6.2. This could lead to Cross-Site Scripting due to insufficient input sanitization and output escaping. This...

CVE-2022-4164 Contest Gallery < 19.1.5 - Author+ SQL Injection

The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cgmultiplefilesforpost POST parameter before concatenating it to an SQL query in 0change-gallery.php. This may allow malicious users with at least author privilege to leak...

WordPress HREFLANG Tags Lite plugin <= 2.0.0 - Unauthenticated Plugin Data Reset vulnerability

Unauthenticated Plugin Data Reset vulnerability discovered by Rasi Afeef Patchstack Alliance in WordPress HREFLANG Tags Lite plugin versions = 2.0.0. Solution No patched version is available. No reply from the vendor...

UBUNTU-CVE-2021-21303

Helm is open-source software which is essentially "The Kubernetes Package Manager". Helm is a tool for managing Charts. Charts are packages of pre-configured Kubernetes resources. In Helm from version 3.0 and before version 3.5.2, there a few cases where data loaded from potentially untrusted...

UBUNTU-CVE-2020-5248

GLPI before before version 9.4.6 has a vulnerability involving a default encryption key. GLPIKEY is public and is used on every instance. This means anyone can decrypt sensitive data stored using this key. It is possible to change the key before installing GLPI. But on existing instances, data mu...

Making Splunk searches using REST API

When you have already learned how to make search requests in Splunk GUI, it may be nice to figure out how do the same from your own scripts using the Splunk REST API. It's really easy! Ok, we have a Splunk SIEM account: user="user" pass="Password123" And we want to execute this search request:...

AlienVault OSSIM Plugin ID SQL Injection Vulnerability

AlienVault OSSIM or Open Source Security Information Management is a popular open source security management system. AlienVault OSSIM handles NBE Plugin DI with a SQL injection vulnerability that allows remote attackers to exploit the vulnerability by submitting specially crafted SQL queries to...

CVE-2006-4571

Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allow remote attackers to cause a denial of service crash, corrupt memory, and possibly execute arbitrary code via unspecified vectors, some of which involve JavaScript, and...

CVE-2006-4571

Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allow remote attackers to cause a denial of service crash, corrupt memory, and possibly execute arbitrary code via unspecified vectors, some of which involve JavaScript, and...

CVE-2006-4571

Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allow remote attackers to cause a denial of service crash, corrupt memory, and possibly execute arbitrary code via unspecified vectors, some of which involve JavaScript, and...

seamonkey < 1.0.5 multiple vulnerabilities; to replace Mozilla

Multiple unspecified vulnerabilities in Firefox before 1.5.0.7, Thunderbird before 1.5.0.7, and SeaMonkey before 1.0.5 allow remote attackers to cause a denial of service crash, corrupt memory, and possibly execute arbitrary code via unspecified vectors, some of which involve JavaScript, and...