
2429 matches found

Positive Technologies
added 2024/08/27 12:0 a.m. · 6 views

PT-2024-38878 · Unknown · Code-Projects Responsive Hotel Site

Name of the Vulnerable Software and Affected Versions: code-projects Responsive Hotel Site version 1.0
Description: A critical issue was found in the code-projects Responsive Hotel Site. It affects an unknown function of the file index.php. The manipulation of the name, phone, or email arguments...

CVSS 9.8 · AI score 7.8 · EPSS 0.00646
Exploits 1 · References 12

Patchstack
added 2024/08/26 12:0 a.m. · 15 views

WordPress Responsive Lightbox Plugin <= 2.4.7 is vulnerable to Broken Access Control

Software: Responsive Lightbox · Type: Plugin · Vulnerable versions: <= 2.4.7 · Fixed in: 2.4.8 · OWASP Top 10: A1: Broken Access Control · Classification: Broken Access Control · CVE: CVE-2024-43924 · Patch priority: Low · CVSS severity: Low 5.3 · Developer: Claim ownership · PSID: 780209dce3f9 · Credits: Rafie Muhammad Patchstack...

CVSS 9.8 · AI score 6.3 · EPSS 0.0052
Exploits 0 · References 2 · Affected Software 1

Cvelist
added 2024/08/22 8:31 p.m. · 25 views

CVE-2024-8078 TOTOLINK AC1200 T8 setTracerouteCfg buffer overflow

A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862B20230228. It has been declared as critical. This vulnerability affects the function setTracerouteCfg. The manipulation leads to buffer overflow. The attack can be initiated remotely. NOTE: The vendor was contacted early about this...

CVSS 9 · EPSS 0.01043
Exploits 1 · References 4

Vulnrichment
added 2024/08/22 8:0 p.m. · 16 views

CVE-2024-8077 TOTOLINK AC1200 T8 setTracerouteCfg os command injection

A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862B20230228. It has been classified as critical. This affects the function setTracerouteCfg. The manipulation leads to os command injection. It is possible to initiate the attack remotely. NOTE: The vendor was contacted early about this...

CVSS 6.5 · AI score 7.6 · EPSS 0.02949
Exploits 1 · References 4

Vulnrichment
added 2024/08/22 7:31 p.m. · 13 views

CVE-2024-8075 TOTOLINK AC1200 T8 setDiagnosisCfg os command injection

A vulnerability has been found in TOTOLINK AC1200 T8 4.1.5cu.862B20230228 and classified as critical. Affected by this vulnerability is the function setDiagnosisCfg. The manipulation leads to os command injection. The attack can be launched remotely. NOTE: The vendor was contacted early about thi...

CVSS 6.5 · AI score 7.3 · EPSS 0.019
Exploits 0 · References 5

NVD
added 2024/08/22 10:15 a.m. · 22 views

CVE-2024-6870

The Responsive Lightbox & Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in all versions up to, and including, 2.4.7 due to insufficient input sanitization and output escaping affecting the rluploadimage AJAX endpoint. This makes it possible for...

CVSS 6.4 · EPSS 0.00313
Exploits 0 · References 4

Patchstack
added 2024/08/22 12:38 a.m. · 6 views

WordPress Responsive Lightbox & Gallery plugin <= 2.4.7 - Authenticated (Author+) Stored Cross-Site Scripting via File Upload vulnerability

Authenticated Author+ Stored Cross-Site Scripting via File Upload vulnerability discovered by wesley wcraft in WordPress Plugin Responsive Lightbox versions <= 2.4.7...

CVSS 6.4 · AI score 5.8 · EPSS 0.00313
Exploits 0 · References 1 · Affected Software 1

Patchstack
added 2024/08/22 12:0 a.m. · 10 views

WordPress Responsive Lightbox Plugin <= 2.4.7 is vulnerable to Cross Site Scripting (XSS)

Software: Responsive Lightbox · Type: Plugin · Vulnerable versions: <= 2.4.7 · Fixed in: 2.4.8 · OWASP Top 10: A7: Cross-Site Scripting XSS · Classification: Cross Site Scripting XSS · CVE: CVE-2024-6870 · Patch priority: Low · CVSS severity: Low 5.9 · Developer: Claim ownership · PSID: 74a3e9ff4440 · Credits: wesley wcraft · Requir...

CVSS 6.4 · AI score 5.8 · EPSS 0.00313
Exploits 0 · References 3 · Affected Software 1

Positive Technologies
added 2024/08/22 12:0 a.m. · 6 views

PT-2024-37917 · WordPress · Responsive Lightbox & Gallery

Name of the Vulnerable Software and Affected Versions: The Responsive Lightbox & Gallery plugin for WordPress versions up to, and including, 2.4.7
Description: The issue is related to Stored Cross-Site Scripting via file uploads due to insufficient input sanitization and output escaping, affectin...

CVSS 6.4 · AI score 6 · EPSS 0.00313
Exploits 0 · References 12

NVD
added 2024/08/21 6:15 a.m. · 29 views

CVE-2024-7629

The Responsive video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's video settings function in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

CVSS 6.4 · EPSS 0.00263
Exploits 0 · References 2

OSV
added 2024/08/21 6:15 a.m. · 2 views

CVE-2024-7629

The Responsive video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's video settings function in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

CVSS 5.4 · AI score 5.9 · EPSS 0.00263
Exploits 0 · References 2

Vulnrichment
added 2024/08/21 5:30 a.m. · 13 views

CVE-2024-7629 Responsive Video <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Responsive video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's video settings function in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

CVSS 6.4 · AI score 5.8 · EPSS 0.00263
Exploits 0 · References 2

Cvelist
added 2024/08/21 5:30 a.m. · 21 views

CVE-2024-7629 Responsive Video <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Responsive video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's video settings function in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

CVSS 6.4 · EPSS 0.00263
Exploits 0 · References 2

CVE
added 2024/08/21 5:30 a.m. · 55 views

CVE-2024-7629

CVE-2024-7629 concerns the WordPress plugin “Responsive Video” (versions

CVSS 6.4 · AI score 5.7 · EPSS 0.00263
Exploits 0 · References 2 · Affected Software 1

Patchstack
added 2024/08/21 1:45 a.m. · 5 views

WordPress Responsive Video plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by lowol in WordPress Plugin Responsive Video versions <= 1.0...

CVSS 6.4 · AI score 5.7 · EPSS 0.00263
Exploits 0 · References 1 · Affected Software 1

NVD
added 2024/08/21 12:15 a.m. · 16 views

CVE-2024-8023

A vulnerability classified as critical has been found in chillzhuang SpringBlade 4.1.0. Affected is an unknown function of the file /api/blade-system/menu/list?updatexml. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...

CVSS 9.8 · EPSS 0.00637
Exploits 1 · References 4

CNNVD
added 2024/08/21 12:0 a.m. · 3 views

WordPress plugin Responsive video security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in the...

CVSS 6.4 · AI score 6.3 · EPSS 0.00263
Exploits 0 · References 3

Patchstack
added 2024/08/21 12:0 a.m. · 3 views

Drupal Responsive and off-canvas menu module < 4.4.4 - Unauthenticated Broken Access Control vulnerability

Unauthenticated Broken Access Control vulnerability discovered by collinhaines in WordPress Module Responsive and off-canvas menu versions < 4.4.4...

AI score 7
Exploits 0 · References 1 · Affected Software 1

Patchstack
added 2024/08/21 12:0 a.m. · 10 views

WordPress Responsive Video Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)

Software: Responsive Video · Type: Plugin · Vulnerable versions: <= 1.0 · Fixed in: N/A · OWASP Top 10: A7: Cross-Site Scripting XSS · Classification: Cross Site Scripting XSS · CVE: CVE-2024-7629 · Patch priority: Low · CVSS severity: Low 6.5 · Developer: Claim ownership · PSID: 7b52fa19ee71 · Credits: lowol · Required privilege...

CVSS 6.4 · AI score 5.8 · EPSS 0.00263
Exploits 0 · References 2 · Affected Software 1

Positive Technologies
added 2024/08/20 12:0 a.m. · 3 views

PT-2024-38464 · WordPress · Responsive Video

Name of the Vulnerable Software and Affected Versions: The Responsive video plugin for WordPress versions up to, and including, 1.0
Description: The issue is related to Stored Cross-Site Scripting via the plugin's video settings function due to insufficient input sanitization and output escaping ...

CVSS 6.4 · AI score 6 · EPSS 0.00263
Exploits 0 · References 6