20 matches found
EUVD-2022-4351
Malicious code in bioql PyPI...
CVE-2022-28056
ShopXO v2.2.5 and below was discovered to contain a system re-install vulnerability via the Add function in app/install/controller/Index.php...
Enjoy Social Feed <= 6.2.2 - Subscriber+ Plugin Database Reset
Description: The plugin does not have authorisation when resetting its database, allowing any authenticated user, such as a subscriber, to perform such an action. Log in as a subscriber, access the Diagnostic tab of the plugin /wp-admin/admin.php?page=enjoyinstagrampluginoptions&tab=diagnostic and click...
Incorrect Permission Assignment for Critical Resource in ShopXO
ShopXO v2.2.5 and below was discovered to contain a system re-install vulnerability via the Add function in app/install/controller/Index.php...
GHSA-JFPH-3HPG-2F65 Incorrect Permission Assignment for Critical Resource in ShopXO
ShopXO v2.2.5 and below was discovered to contain a system re-install vulnerability via the Add function in app/install/controller/Index.php...
CVE-2022-28056
ShopXO v2.2.5 and below was discovered to contain a system re-install vulnerability via the Add function in app/install/controller/Index.php...
CVE-2022-28056
ShopXO v2.2.5 and below was discovered to contain a system re-install vulnerability via the Add function in app/install/controller/Index.php...
Design/Logic Flaw
ShopXO v2.2.5 and below was discovered to contain a system re-install vulnerability via the Add function in app/install/controller/Index.php...
CVE-2022-28056
ShopXO v2.2.5 and below was discovered to contain a system re-install vulnerability via the Add function in app/install/controller/Index.php...
CVE-2022-28056
ShopXO v2.2.5 and earlier has a reported vulnerability in the Add function (app/install/controller/Index.php) that enables a system re-install scenario. The issue is described as a re-install vulnerability without further public exploit details in the provided documents. Affected software is Shop...
XDcms has a flawed logic vulnerability
XDcms is a general purpose content management system. XDcms has a logic flaw vulnerability that can be exploited by an attacker to reinstall the system...
PT-2021-16940 · Atlassian · Connect Express
Name of the Vulnerable Software and Affected Versions: Atlassian Connect Express versions 3.0.2 through 6.6.0 Description: The issue concerns broken authentication in Atlassian Connect Express, a Node.js package for building Atlassian Connect apps. Authentication between Atlassian products and th...
Wing FTP Server 6.2.3 Cross Site Request Forgery Vulnerability
Exploit Title: Wing FTP Server 6.2.3 - Privilege Escalation Exploit Author: Dhiraj Mishra Vendor Homepage: https://www.wftpserver.com Version: v6.2.6 Tested on: Windows 10 Summary: An authenticated CSRF exists in web client and web administration of Wing FTP v6.2.6, a crafted HTML page could dele...
Intel® Processor Diagnostic Tool Privilege Escalation Vulnerability
Summary: Privilege escalation. Description: Permissions issue with IPDT Installer v4.1.0.24, which installs 3 files with improper permissions, allowing for arbitrary code execution and escalation of privileges. CVSS Score 8.3 - High: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H Affected products: IPDT –...
ERROR: "This app has been disabled because entitlement to the app was not found if you have entitlement to this app, you may delete and re-install it"
Secure Mail fails to be launched on Huawei Phone with error: "This app has been disabled because entitlement to the app was not found if you have entitlement to this app, you may delete and re-install it"...
JVN#05924524: LINE for Windows fails to properly verify downloaded files
The auto update function in LINE for Windows provided by LINE Corporation contains a vulnerability where downloaded files are not properly verified. Impact: A successful man-in-the-middle attack may result in a specially crafted file prepared by an attacker being downloaded and executed. Solution...
This Simple Message Can Crash Skype Badly and Forces Re-Installation
Just last week iPhone and iPad users were dealing with an iOS text bug that caused the app to crash and iPhones to reboot, now a similar bug has been found that takes out Skype — the popular video chat and messaging service. Yes, Microsoft-owned Skype VoIP client is also affected by a bug that...
Golabi CMS <= 1.0.1 Session Poisoning Vulnerability
No description provided by source.
CVE-2012-4553
Drupal 7.x before 7.16 is vulnerable (CVE-2012-4553) to remote information disclosure and possible arbitrary PHP code execution, via an external database server during installer.php processing, related to transient conditions. The issue can allow re-installation of Drupal under certain conditions...
Bofra Virus Detection
The remote host seems to have been infected with the Bofra virus or one of its variants, which infects machines via an Internet Explorer IFRAME exploit. It is very likely this system has been compromised. OpenVAS Vulnerability Test $Id: bofradetect.nasl 6053 2017-05-01 09:02:51Z teissa $...