7884 matches found
CVE-2023-39063
Buffer Overflow vulnerability in RaidenFTPD 2.4.4005 allows a local attacker to execute arbitrary code via the Server name field of the Step by step setup wizard...
Buffer overflow
Buffer Overflow vulnerability in RaidenFTPD 2.4.4005 allows a local attacker to execute arbitrary code via the Server name field of the Step by step setup wizard...
CVE-2023-4104
CVE-2023-4104 affects Mozilla VPN on Linux. The root cause is an invalid Polkit authentication check and missing authentication requirements for D-Bus methods, enabling any local user to configure arbitrary VPN setups. Impact is limited to Mozilla VPN on Linux; other OSes are unaffected. Mozilla ...
RaidenFTPD Security Vulnerability
RaidenFTPD is an easy-to-use FTP daemon for Windows. A security vulnerability exists in RaidenFTPD version 2.4.4005, which stems from a buffer overflow vulnerability. The vulnerability can be exploited to execute arbitrary code via the Server name field of the step-by-step setup wizard...
CVE-2023-39063
Buffer Overflow vulnerability in RaidenFTPD 2.4.4005 allows a local attacker to execute arbitrary code via the Server name field of the Step by step setup wizard...
Exploit for Code Injection in Apache Commons_Text
Quickstart bash sudo apt install golang To run like...
WooCommerce PDF Invoice Builder < 1.2.91 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
Oracle Linux 7 : kubernetes / kubeadm-ha-setup / kubernetes-cni / kubernetes-cni-plugins (ELSA-2020-5725)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-5725 advisory. - CVE-2020-10749: IPv4 only clusters susceptible to MitM attacks via IPv6 rogue router advertisements - CVE-2020-8555: Half-Blind SSRF in...
Oracle Linux 7 : kubeadm-ha-setup (ELSA-2019-4717)
The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2019-4717 advisory. 0.0.2-1.0.52 - OLCNE-678 Restore fails when trying to restore after a failed update 0.0.2-1.0.51 - OLCNE-667 Minor version update doesn't update kubeadm on all...
WRC Pricing Tables < 2.3.9 - Admin+ Stored XSS
Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CT Commerce <= 2.0.1 - Admin+ Stored XSS
Description The plugin does not validate and escape some parameters, which could allow users with the admin role and above to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Imagemagick
Exploit-for-ImageMagick-CVE-2022-44268 A bash script for easly...
CVE-2023-4253
The AI ChatBot WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2023-4254
The AI ChatBot WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
Cross site scripting
The AI ChatBot WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
Cross site scripting
The AI ChatBot WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2023-4253 Chatbot < 4.7.8 - Admin+ Stored XSS in FAQ Builder
The AI ChatBot WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
How to specify the drive letter for the MCSIO Write Cache disk
Setting a specific Windows Drive letter to the disk created by the MCS Write Cache mechanism MCS IO / MCSWCDisk...
Store XSS in Mail Setup
Description I noticed, your website is very secure. But you overlooked a flaw XSS . Proof of Concept Detail: 1 .Login vs admin demo account and access admin page. 2 .Go to Configuration == Mail setup. 3 .Insert payload into Password: test"alertdocument.domain 4 .Click save configuration == detect...
Cross site scripting
The Front Editor WordPress plugin through 4.0.4 does not sanitize and escape some of its form settings, which could allow high-privilege users to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...