2429 matches found
PT-2024-38878 · Unknown · Code-Projects Responsive Hotel Site
Name of the Vulnerable Software and Affected Versions: code-projects Responsive Hotel Site version 1.0 Description: A critical issue was found in the code-projects Responsive Hotel Site. It affects an unknown function of the file index.php. The manipulation of the name, phone, or email arguments...
WordPress Responsive Lightbox Plugin <= 2.4.7 is vulnerable to Broken Access Control
Software Responsive Lightbox Type Plugin Vulnerable versions = 2.4.7 Fixed in 2.4.8 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-43924 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 780209dce3f9 Credits Rafie Muhammad Patchstack...
CVE-2024-8078 TOTOLINK AC1200 T8 setTracerouteCfg buffer overflow
A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862B20230228. It has been declared as critical. This vulnerability affects the function setTracerouteCfg. The manipulation leads to buffer overflow. The attack can be initiated remotely. NOTE: The vendor was contacted early about this...
CVE-2024-8077 TOTOLINK AC1200 T8 setTracerouteCfg os command injection
A vulnerability was found in TOTOLINK AC1200 T8 4.1.5cu.862B20230228. It has been classified as critical. This affects the function setTracerouteCfg. The manipulation leads to os command injection. It is possible to initiate the attack remotely. NOTE: The vendor was contacted early about this...
CVE-2024-8075 TOTOLINK AC1200 T8 setDiagnosisCfg os command injection
A vulnerability has been found in TOTOLINK AC1200 T8 4.1.5cu.862B20230228 and classified as critical. Affected by this vulnerability is the function setDiagnosisCfg. The manipulation leads to os command injection. The attack can be launched remotely. NOTE: The vendor was contacted early about thi...
CVE-2024-6870
The Responsive Lightbox & Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via file uploads in all versions up to, and including, 2.4.7 due to insufficient input sanitization and output escaping affecting the rluploadimage AJAX endpoint. This makes it possible for...
WordPress Responsive Lightbox & Gallery plugin <= 2.4.7 - Authenticated (Author+) Stored Cross-Site Scripting via File Upload vulnerability
Authenticated Author+ Stored Cross-Site Scripting via File Upload vulnerability discovered by wesley wcraft in WordPress Plugin Responsive Lightbox versions = 2.4.7...
WordPress Responsive Lightbox Plugin <= 2.4.7 is vulnerable to Cross Site Scripting (XSS)
Software Responsive Lightbox Type Plugin Vulnerable versions = 2.4.7 Fixed in 2.4.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-6870 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 74a3e9ff4440 Credits wesley wcraft Requir...
PT-2024-37917 · WordPress · Responsive Lightbox & Gallery
Name of the Vulnerable Software and Affected Versions: The Responsive Lightbox & Gallery plugin for WordPress versions up to, and including, 2.4.7 Description: The issue is related to Stored Cross-Site Scripting via file uploads due to insufficient input sanitization and output escaping, affectin...
CVE-2024-7629
The Responsive video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's video settings function in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...
CVE-2024-7629
The Responsive video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's video settings function in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...
CVE-2024-7629 Responsive Video <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Responsive video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's video settings function in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...
CVE-2024-7629 Responsive Video <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Responsive video plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's video settings function in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...
CVE-2024-7629
CVE-2024-7629 concerns the WordPress plugin “Responsive Video” (versions
WordPress Responsive Video plugin <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by lowol in WordPress Plugin Responsive Video versions = 1.0...
CVE-2024-8023
A vulnerability classified as critical has been found in chillzhuang SpringBlade 4.1.0. Affected is an unknown function of the file /api/blade-system/menu/list?updatexml. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the...
WordPress plugin Responsive video 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...
Drupal Responsive and off-canvas menu module < 4.4.4 - Unauthenticated Broken Access Control vulnerability
Unauthenticated Broken Access Control vulnerability discovered by collinhaines in WordPress Module Responsive and off-canvas menu versions 4.4.4...
WordPress Responsive Video Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS)
Software Responsive Video Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-7629 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 7b52fa19ee71 Credits lowol Required privilege...
PT-2024-38464 · WordPress · Responsive Video
Name of the Vulnerable Software and Affected Versions: The Responsive video plugin for WordPress versions up to, and including, 1.0 Description: The issue is related to Stored Cross-Site Scripting via the plugin's video settings function due to insufficient input sanitization and output escaping ...