PT-2024-27531 · Unknown · Team Emilia Projects Progress Planner

Name of the Vulnerable Software and Affected Versions: Team Emilia Projects Progress Planner versions 0.9.1 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For versions...

Progress Telerik Report Server <= 10.2.24.806 Insecure Type Resolution (CVE-2024-8015)

The version of Progress Telerik Report Server installed on the remote host is affected by an insecure type resolution vulnerability: - A remote code execution attack is possible through object injection via an insecure type resolution vulnerability. CVE-2024-8015 Note that Nessus has not tested f...

WordPress plugin Progress Planner 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Awesome Progress Bar plugin <= 1.0.13 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by theviper17 Patchstack Alliance in WordPress Plugin Awesome Progress Bar versions = 1.0.13...

WordPress Awesome Progress Bar Plugin <= 1.0.1 is vulnerable to Cross Site Scripting (XSS)

Software Awesome Progress Bar Type Plugin Vulnerable versions = 1.0.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-50548 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1d8e4459e1b3 Credits theviper17 Required privilege...

Progress Chef Habitat 安全漏洞

Progress Chef Habitat is an open source solution from Progress, Inc. that provides automation capabilities for defining, packaging, and delivering applications to virtually any environment. Progress Chef Habitat has a security vulnerability that stems from susceptibility to Indirect Object...

PT-2024-38566 · Progress · Whatsup Gold

Name of the Vulnerable Software and Affected Versions: Progress Software WhatsUp Gold versions prior to 2024.0.0 Description: The issue is related to an Authentication Bypass, allowing an attacker to obtain encrypted user credentials. This is due to a Missing Authentication vulnerability in the...

CVE-2024-49657

Missing Authorization vulnerability in Renata Bracichowicz 3D Work In Progress renee-work-in-progress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 3D Work In Progress: from n/a through = 1.0.3...

CVE-2024-49652

CVE-2024-49652 concerns the WordPress plugin ReneeCussack 3D Work In Progress (versions n/a through 1.0.3). The vulnerability is an Unrestricted Upload of File with Dangerous Type, enabling an attacker to upload a web shell to the web server. According to Patchstack, this is a high-severity issue...

CVE-2024-49652 WordPress 3D Work In Progress plugin <= 1.0.3 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Renata Bracichowicz 3D Work In Progress renee-work-in-progress allows Upload a Web Shell to a Web Server.This issue affects 3D Work In Progress: from n/a through = 1.0.3...

CVE-2024-49657

CVE-2024-49657 : WordPress plugin “3D Work In Progress” (RenéeCussack)

CVE-2024-49657 WordPress 3D Work In Progress plugin <= 1.0.3 - Arbitrary File Deletion vulnerability

Missing Authorization vulnerability in Renata Bracichowicz 3D Work In Progress renee-work-in-progress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects 3D Work In Progress: from n/a through = 1.0.3...

WordPress 3D Work In Progress Plugin <= 1.0.3 is vulnerable to Arbitrary File Upload

Software 3D Work In Progress Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-49652 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 22382aa9215e Credits stealthcopter Required privilege...

WordPress 3D Work In Progress Plugin <= 1.0.3 is vulnerable to Arbitrary File Deletion

Software 3D Work In Progress Type Plugin Vulnerable versions = 1.0.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Arbitrary File Deletion CVE CVE-2024-49657 Patch priority High CVSS severity High 7.7 Developer Claim ownership PSID 209728d5f5a9 Credits stealthcopter Required privilege...

CVE-2024-8755

Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.This issue affects: Product Affected Versions LoadMaster From 7.2.55.0 to 7.2.60.1 inclusive From 7.2.49.0 to 7.2.54.12 inclusive 7.2.48.12 and all prior versions Multi-Tenant...

CVE-2024-8755 Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.

Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.This issue affects: Product Affected Versions LoadMaster From 7.2.55.0 to 7.2.60.1 inclusive From 7.2.49.0 to 7.2.54.12 inclusive 7.2.48.12 and all prior versions Multi-Tenant...

CVE-2024-8755

CVE-2024-8755 is an Improper Input Validation vulnerability in Progress LoadMaster and Progress Multi-Tenant Hypervisor that allows OS Command Injection for authenticated users via the LoadMaster management interface. Affected: LoadMaster versions 7.2.55.0–7.2.60.1; 7.2.49.0–7.2.54.12; 7.2.48.12 ...

CVE-2024-8755 Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.

Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows : OS Command Injection.This issue affects: Product Affected Versions LoadMaster From 7.2.55.0 to 7.2.60.1 inclusive From 7.2.49.0 to 7.2.54.12 inclusive 7.2.48.12 and all prior versions Multi-Tenant...

Progress LoadMaster和Progress Multi-Tenant Hypervisor 输入验证错误漏洞

Progress LoadMaster and Progress Multi-Tenant Hypervisor are both products of Progress, Inc. Progress LoadMaster is a high performance application delivery controller ADC and load balancer. Progress Multi-Tenant Hypervisor is a multi-tenant hypervisor. Tenant Hypervisor is a multi-tenant...

Progress Telerik UI for WinForms < 2024.3.924 Command Injection

The version of Progress Telerik UI for WinForms installed on the remote host is prior to 2024.3.924. It is, therefore, affected by a vulnerability as referenced in the cve-2024-7679 advisory. - In Progress Telerik UI for WinForms versions prior to 2024 Q3 2024.3.924, a command injection attack is...