21 matches found
MalwareBytes Missing Signing / Privilege Escalation
This is older research from 2016 when Google found that MalwareBytes failed to sign packages and download them over a secure channel as well as various other security issues...
CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS.
...
Linux Distros Unpatched Vulnerability : CVE-2019-11065
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Gradle versions from 1.4 to 5.3.1 use an insecure HTTP URL to download dependencies when the built-in JavaScript or CoffeeScript Gradle plugins are used...
WordPress Secure Downloads plugin < 1.2.3 - Admin+ Arbitrary File Download vulnerability
Admin+ Arbitrary File Download vulnerability discovered by Emiliano Versini in WordPress Plugin Secure Downloads versions 1.2.3...
CVE-2024-8031
The Secure Downloads WordPress plugin before 1.2.3 is vulnerable does not properly restrict which files can be downloaded. This makes it possible for authenticated attackers, with admin-level access and above, to download arbitrary files that may contain sensitive information like wp-config.php...
CVE-2024-8031
The Secure Downloads WordPress plugin before 1.2.3 is vulnerable does not properly restrict which files can be downloaded. This makes it possible for authenticated attackers, with admin-level access and above, to download arbitrary files that may contain sensitive information like wp-config.php...
CVE-2024-8031 Secure Downloads < 1.2.3 - Admin+ Arbitrary File Download
The Secure Downloads WordPress plugin before 1.2.3 is vulnerable does not properly restrict which files can be downloaded. This makes it possible for authenticated attackers, with admin-level access and above, to download arbitrary files that may contain sensitive information like wp-config.php...
CVE-2024-8031
The CVE-2024-8031 vulnerability affects the Secure Downloads WordPress plugin (versions before 1.2.3). Root cause: the plugin does not properly restrict which files can be downloaded, enabling authenticated attackers with admin-level access to download arbitrary files (e.g., wp-config.php). Impac...
CVE-2024-8031 Secure Downloads < 1.2.3 - Admin+ Arbitrary File Download
The Secure Downloads WordPress plugin before 1.2.3 is vulnerable does not properly restrict which files can be downloaded. This makes it possible for authenticated attackers, with admin-level access and above, to download arbitrary files that may contain sensitive information like wp-config.php...
PT-2025-21507 · WordPress · Secure Downloads
Name of the Vulnerable Software and Affected Versions: Secure Downloads WordPress plugin versions prior to 1.2.3 Description: The issue allows authenticated attackers with admin-level access and above to download arbitrary files, potentially containing sensitive information, such as the...
WordPress plugin Secure Downloads 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...
UBUNTU-CVE-2023-31484
CPAN.pm before 2.35 does not verify TLS certificates when downloading distributions over HTTPS...
PT-2023-3596
Name of the Vulnerable Software and Affected Versions CPAN.pm versions prior to 2.35 Description The issue is related to errors in the TLS certificate authentication procedure, which can allow a remote attacker to access confidential data, compromise its integrity, and cause a denial of service...
New Kickass Torrents Site: List of New 2024 Proxies and Alternatives
Kickass Torrents KAT cr was once a hugely popular online portal, renowned for its vast archive of movies, music, TV shows, and other media. It was a treasure trove for those seeking rare content and for users looking to share their creations. However, Kickass Torrents faced significant opposition...
The vulnerability of the Microsoft Windows operating system, which allows a perpetrator to bypass the security mechanisms for secure downloads
The vulnerability of the Microsoft Windows operating system is related to security configuration errors. Exploiting this vulnerability allows a malicious individual to bypass the security mechanisms for secure loading by using administrative privileges to install the necessary policies...
vBulletin Secure Downloads 2.0.0r - SQL Injection Vulnerability
No description provided by source. vBulletin Mode Secure Downloads v2.0.0r SQL Injection Vulnerability Mod : http://www.1src.com/freeware/download.php?id=1880 Author : Cn4phux PoC : URL.com/fileinfo.php?id=SQL :...
Secure Downloads v2.0.0r for vBulletin SQL Injection Vulnerability
No description provided by source. vBulletin Mode Secure Downloads v2.0.0r SQL Injection Vulnerability Mod : http://www.1src.com/freeware/download.php?id=1880 Author : Cn4phux PoC : URL.com/fileinfo.php?id=SQL :...
Secure Downloads 2.0.0r SQL Injection
vBulletin Mode Secure Downloads v2.0.0r SQL Injection Vulnerability Mod : http://www.1src.com/freeware/download.php?id=1880 Author : Cn4phux PoC : URL.com/fileinfo.php?id=SQL : 1797'+AND0+UNION+SELECT+1,1,1,1,1,'Cn4phux',0,0,0,1,0,1,0,0,0,0,0,USER,DATABASE,0,0,0,0,0,0,0+OR+'1'='0 //Cn4phux...
vBulletin Secure Downloads 2.0.0r - SQL Injection
vBulletin Secure Downloads 2.0.0r - SQL Injection vBulletin Mode Secure Downloads v2.0.0r SQL Injection Vulnerability Mod : http://www.1src.com/freeware/download.php?id=1880 Author : Cn4phux PoC : URL.com/fileinfo.php?id=SQL :...
Secure Downloads v2.0.0r for vBulletin SQL Injection Vulnerability
Exploit for unknown platform in category web applications ================================================================== Secure Downloads v2.0.0r for vBulletin SQL Injection Vulnerability ================================================================== vBulletin Mode Secure Downloads v2.0.0...