Lucene search
K

332 matches found

NVD
NVD
added 2020/09/01 2:15 p.m.39 views

CVE-2020-2251

Jenkins SoapUI Pro Functional Testing Plugin 1.5 and earlier transmits project passwords in its configuration in plain text as part of job configuration forms, potentially resulting in their exposure...

4.3CVSS4.6AI score0.00514EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2020/09/01 12:0 a.m.6 views

PT-2020-15475 · Smartbear +2 · Readyapi Functional Testing Plugin +2

Name of the Vulnerable Software and Affected Versions: Jenkins SoapUI Pro Functional Testing Plugin versions 1.5 and earlier ReadyAPI Functional Testing Plugin versions 1.5 and earlier Jenkins versions prior to 2.236, including 2.235.x LTS Description: The issue concerns the transmission of proje...

4.3CVSS4.7AI score0.00514EPSS
Exploits0References9
NVD
NVD
added 2020/07/02 4:15 p.m.20 views

CVE-2020-14092

The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection...

9.8CVSS0.9453EPSS
Exploits1References3
Cvelist
Cvelist
added 2020/07/02 3:20 p.m.26 views

CVE-2020-14092

The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection...

9.8AI score0.9453EPSS
Exploits1References3
Patchstack
Patchstack
added 2020/02/06 12:0 a.m.8 views

Ultimate Membership Pro plugin <= 8.6 - Multiple Critical Vulnerabilities

Multiple Critical Vulnerabilities found by Noman Riffat in Ultimate Membership Pro plugin versions = 8.6. Solution Update the Ultimate Membership Pro plugin to the latest available version at least 8.6.1...

2.8AI score
Exploits0References1Affected Software1
Kitploit
Kitploit
added 2020/01/22 8:30 p.m.96 views

YARASAFE - Automatic Binary Function Similarity Checks with Yara

SAFE is a tool developed to create Binary Functions Embedding developed by Massarelli L., Di Luna G.A., Petroni F., Querzoni L. and Baldoni R. You can use SAFE to create your function embedding to use inside yara rules. If you are interested take a look at our research paper:...

7.1AI score
Exploits0References2
NVD
NVD
added 2019/10/22 9:15 p.m.25 views

CVE-2015-9499

The Showbiz Pro plugin through 1.7.1 for WordPress has PHP code execution by uploading a .php file within a ZIP archive...

9.8CVSS9.8AI score0.14775EPSS
Exploits1References3
Prion
Prion
added 2019/10/22 9:15 p.m.16 views

Code injection

The Showbiz Pro plugin through 1.7.1 for WordPress has PHP code execution by uploading a .php file within a ZIP archive...

7.5CVSS7.9AI score0.14775EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2019/10/07 12:15 p.m.19 views

Cross site scripting

The elementor-edit-template class in wp-admin/customize.php in the Elementor Pro plugin before 2.0.10 for WordPress has XSS...

4.3CVSS6.3AI score0.01303EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2019/10/07 11:28 a.m.105 views

CVE-2018-18379

The CVE-2018-18379 entry concerns the Elementor Pro WordPress plugin before version 2.0.10, where the elementor-edit-template class in wp-admin/customize.php enables cross-site scripting due to improper validation of client-side data. The vulnerability affects Elementor Pro on WordPress and is ex...

6.1CVSS6.3AI score0.01303EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2019/09/26 12:15 a.m.18 views

CVE-2015-9418

The Watu Pro plugin before 4.9.0.8 for WordPress has CSRF that allows an attacker to delete quizzes...

5.8CVSS4.7AI score0.00556EPSS
Exploits1References3
Prion
Prion
added 2019/09/26 12:15 a.m.11 views

Cross site request forgery (csrf)

The Watu Pro plugin before 4.9.0.8 for WordPress has CSRF that allows an attacker to delete quizzes...

5.8CVSS7.2AI score0.00556EPSS
Exploits1References3Affected Software1
Carbon Black Blog
Carbon Black Blog
added 2019/02/25 3:56 p.m.108 views

Defeating Compiler-Level Obfuscations Used in APT10 Malware

Summary The Carbon Black Threat Analysis Unit TAU recently analyzed a series of malware samples that utilized compiler-level obfuscations. For example, opaque predicates were applied to Turla mosquito and APT10 ANEL. Another obfuscation, control flow flattening, was applied to APT10 ANEL and Dhar...

7AI score
Exploits0
CNVD
CNVD
added 2017/12/29 12:0 a.m.13 views

WordPress Payment Form for PayPal Pro Plugin Cross-Site Scripting Vulnerability

WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.Payment Form for PayPal Pro plugin is used in one of the payment plugin. WordPress Payment Form for PayPal Pro...

6.1CVSS6AI score0.01791EPSS
Exploits2References1
Prion
Prion
added 2017/09/20 4:29 p.m.19 views

Directory traversal

Directory traversal vulnerability in the Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the filename parameter in a ticket.downloadattachment task...

5CVSS7.2AI score0.5651EPSS
Exploits5References4Affected Software1
NVD
NVD
added 2017/09/20 4:29 p.m.20 views

CVE-2015-4073

Multiple SQL injection vulnerabilities in the Helpdesk Pro plugin before 1.4.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the 1 ticketcode or 2 email parameter or 3 remote authenticated users to execute arbitrary SQL commands via the filterorder parameter...

9.8CVSS9.8AI score0.04212EPSS
Exploits6References4
NVD
NVD
added 2017/09/20 4:29 p.m.19 views

CVE-2015-4074

Directory traversal vulnerability in the Helpdesk Pro plugin before 1.4.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the filename parameter in a ticket.downloadattachment task...

7.5CVSS7.5AI score0.5651EPSS
Exploits5References4
CVE
CVE
added 2017/09/20 4:0 p.m.51 views

CVE-2015-4075

CVE-2015-4075 – Joomla! Helpdesk Pro (

8.1CVSS7.9AI score0.07381EPSS
Exploits5References4Affected Software1
CVE
CVE
added 2017/09/20 4:0 p.m.67 views

CVE-2015-4074

CVE-2015-4074 is a proven Local File Inclusion / path traversal vulnerability in the Joomla! Helpdesk Pro plugin &lt; 1.4.0. The issue allows reading arbitrary files via a .. in the filename parameter of the ticket.download_attachment task. Affected software: Joomla! Helpdesk Pro plugin versions ...

7.5CVSS7.5AI score0.5651EPSS
Exploits5References4Affected Software1
Cvelist
Cvelist
added 2017/09/20 4:0 p.m.26 views

CVE-2015-4073

Multiple SQL injection vulnerabilities in the Helpdesk Pro plugin before 1.4.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the 1 ticketcode or 2 email parameter or 3 remote authenticated users to execute arbitrary SQL commands via the filterorder parameter...

9.5AI score0.04212EPSS
Exploits6References4
Rows per page
Query Builder