EUVD-2024-41402

Malicious code in bioql PyPI...

CVE-2024-28890

CVE-2024-28890 : Forminator (WordPress plugin) before 1.29.0 has an unrestricted file upload of dangerous types vulnerability. This could allow a remote attacker to access server files, modify the site, and potentially cause a DoS. Remediation: upgrade Forminator to version 1.29.0 or later (per R...

The vulnerability in the web interface of the Cisco Prime Collaboration Deployment software allows a attacker to disclose sensitive information, alter the appearance of the web page, and perform phishing attacks as well as “drive-down” attacks.

The vulnerability in the Cisco Prime Collaboration Deployment software’s web interface exists due to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to disclose sensitive information, alter the appearance of the website, and perfor...

CVE-2023-28408

Directory traversal vulnerability in MW WP Form versions v4.4.2 and earlier allows a remote unauthenticated attacker to alter the website or cause a denial-of-service DoS condition, and obtain sensitive information depending on settings...

Heap overflow

HTTP header injection vulnerability in Everything all versions except the Lite version may allow a remote attacker to inject an arbitrary script or alter the website that uses the product via unspecified vectors...