Lucene search
K

21 matches found

Packet Storm News
Packet Storm News
added 2025/12/05 12:0 a.m.2 views

MalwareBytes Missing Signing / Privilege Escalation

This is older research from 2016 when Google found that MalwareBytes failed to sign packages and download them over a secure channel as well as various other security issues...

6.9AI score
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/09/04 5:23 a.m.5 views

CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.

...

8.1CVSS7AI score0.01561EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2025/08/24 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2019-11065

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins are used...

5.9CVSS6.7AI score0.01366EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/05/19 2:26 a.m.7 views

WordPress Secure Downloads plugin < 1.2.3 - Admin+ Arbitrary File Download vulnerability

Admin+ Arbitrary File Download vulnerability discovered by Emiliano Versini in WordPress Plugin Secure Downloads versions 1.2.3...

6.5CVSS6.8AI score0.00423EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2025/05/15 8:15 p.m.4 views

CVE-2024-8031

The Secure Downloads WordPress plugin before 1.2.3 is vulnerable does not properly restrict which files can be downloaded. This makes it possible for authenticated attackers, with admin-level access and above, to download arbitrary files that may contain sensitive information like wp-config.php...

6.5CVSS0.00423EPSS
Exploits1References1
OSV
OSV
added 2025/05/15 8:15 p.m.3 views

CVE-2024-8031

The Secure Downloads WordPress plugin before 1.2.3 is vulnerable does not properly restrict which files can be downloaded. This makes it possible for authenticated attackers, with admin-level access and above, to download arbitrary files that may contain sensitive information like wp-config.php...

6.5CVSS5.8AI score0.00423EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/15 8:7 p.m.10 views

CVE-2024-8031 Secure Downloads < 1.2.3 - Admin+ Arbitrary File Download

The Secure Downloads WordPress plugin before 1.2.3 is vulnerable does not properly restrict which files can be downloaded. This makes it possible for authenticated attackers, with admin-level access and above, to download arbitrary files that may contain sensitive information like wp-config.php...

0.00423EPSS
Exploits1References1
CVE
CVE
added 2025/05/15 8:7 p.m.26 views

CVE-2024-8031

The CVE-2024-8031 vulnerability affects the Secure Downloads WordPress plugin (versions before 1.2.3). Root cause: the plugin does not properly restrict which files can be downloaded, enabling authenticated attackers with admin-level access to download arbitrary files (e.g., wp-config.php). Impac...

6.5CVSS6.2AI score0.00423EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/15 8:7 p.m.3 views

CVE-2024-8031 Secure Downloads < 1.2.3 - Admin+ Arbitrary File Download

The Secure Downloads WordPress plugin before 1.2.3 is vulnerable does not properly restrict which files can be downloaded. This makes it possible for authenticated attackers, with admin-level access and above, to download arbitrary files that may contain sensitive information like wp-config.php...

6.5AI score0.00423EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/05/15 12:0 a.m.4 views

PT-2025-21507 · WordPress · Secure Downloads

Name of the Vulnerable Software and Affected Versions: Secure Downloads WordPress plugin versions prior to 1.2.3 Description: The issue allows authenticated attackers with admin-level access and above to download arbitrary files, potentially containing sensitive information, such as the...

6.5CVSS6.3AI score0.00423EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/05/15 12:0 a.m.3 views

WordPress plugin Secure Downloads 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...

6.5CVSS6.3AI score0.00423EPSS
Exploits1References1
OSV
OSV
added 2023/04/29 12:15 a.m.2 views

UBUNTU-CVE-2023-31484

CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS...

8.1CVSS7.1AI score0.01561EPSS
Exploits1References12
Positive Technologies
Positive Technologies
added 2023/02/28 12:0 a.m.3 views

PT-2023-3596

Name of the Vulnerable Software and Affected Versions CPAN.pm versions prior to 2.35 Description The issue is related to errors in the TLS certificate authentication procedure, which can allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service...

8.1CVSS6.7AI score0.01561EPSS
Exploits1References97
The Hacker News
The Hacker News
added 2019/01/01 11:54 a.m.831 views

New Kickass Torrents Site: List of New 2024 Proxies and Alternatives

Kickass Torrents KAT cr was once a hugely popular online portal, renowned for its vast archive of movies, music, TV shows, and other media. It was a treasure trove for those seeking rare content and for users looking to share their creations. However, Kickass Torrents faced significant opposition...

6.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/08/15 12:0 a.m.6 views

The vulnerability of the Microsoft Windows operating system, which allows a perpetrator to bypass the security mechanisms for secure downloads

The vulnerability of the Microsoft Windows operating system is related to security configuration errors. Exploiting this vulnerability allows a malicious individual to bypass the security mechanisms for secure loading by using administrative privileges to install the necessary policies...

2.1CVSS5.8AI score0.01486EPSS
Exploits0References2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

vBulletin Secure Downloads 2.0.0r - SQL Injection Vulnerability

No description provided by source. vBulletin Mode Secure Downloads v2.0.0r SQL Injection Vulnerability Mod : http://www.1src.com/freeware/download.php?id=1880 Author : Cn4phux PoC : URL.com/fileinfo.php?id=SQL :...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2008/12/09 12:0 a.m.18 views

Secure Downloads v2.0.0r for vBulletin SQL Injection Vulnerability

No description provided by source. vBulletin Mode Secure Downloads v2.0.0r SQL Injection Vulnerability Mod : http://www.1src.com/freeware/download.php?id=1880 Author : Cn4phux PoC : URL.com/fileinfo.php?id=SQL :...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2008/12/09 12:0 a.m.20 views

Secure Downloads 2.0.0r SQL Injection

vBulletin Mode Secure Downloads v2.0.0r SQL Injection Vulnerability Mod : http://www.1src.com/freeware/download.php?id=1880 Author : Cn4phux PoC : URL.com/fileinfo.php?id=SQL : 1797'+AND0+UNION+SELECT+1,1,1,1,1,'Cn4phux',0,0,0,1,0,1,0,0,0,0,0,USER,DATABASE,0,0,0,0,0,0,0+OR+'1'='0 //Cn4phux...

0.4AI score
Exploits0
exploitpack
exploitpack
added 2008/12/08 12:0 a.m.18 views

vBulletin Secure Downloads 2.0.0r - SQL Injection

vBulletin Secure Downloads 2.0.0r - SQL Injection vBulletin Mode Secure Downloads v2.0.0r SQL Injection Vulnerability Mod : http://www.1src.com/freeware/download.php?id=1880 Author : Cn4phux PoC : URL.com/fileinfo.php?id=SQL :...

0.6AI score
Exploits0
0day.today
0day.today
added 2008/12/08 12:0 a.m.19 views

Secure Downloads v2.0.0r for vBulletin SQL Injection Vulnerability

Exploit for unknown platform in category web applications ================================================================== Secure Downloads v2.0.0r for vBulletin SQL Injection Vulnerability ================================================================== vBulletin Mode Secure Downloads v2.0.0...

7.1AI score
Exploits0
Rows per page
Query Builder