21 matches found
WordPress和WordPress plugin 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
EUVD-2022-5694
Malicious code in bioql PyPI...
EUVD-2022-4113
Malicious code in bioql PyPI...
CVE-2020-2098
A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attacker to execute arbitrary OS commands as the OS user account running Jenkins...
CVE-2020-2097
Jenkins Sounds Plugin 0.5 and earlier does not perform permission checks in URLs performing form validation, allowing attackers with Overall/Read access to execute arbitrary OS commands as the OS user account running Jenkins...
GHSA-H8W6-C53G-53VV Missing permission checks in Jenkins Sounds Plugin allow OS command execution
Jenkins Sounds Plugin 0.5 and earlier does not perform permission checks in URLs performing form validation, allowing attackers with Overall/Read access to execute arbitrary OS commands as the OS user account running Jenkins...
CSRF vulnerability in Jenkins Sounds Plugin allow OS command execution
A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attacker to execute arbitrary OS commands as the OS user account running Jenkins...
GHSA-X37X-3FW2-5QW2 CSRF vulnerability in Jenkins Sounds Plugin allow OS command execution
A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attacker to execute arbitrary OS commands as the OS user account running Jenkins...
Missing permission checks in Jenkins Sounds Plugin allow OS command execution
Jenkins Sounds Plugin 0.5 and earlier does not perform permission checks in URLs performing form validation, allowing attackers with Overall/Read access to execute arbitrary OS commands as the OS user account running Jenkins...
CVE-2020-2098
A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attacker to execute arbitrary OS commands as the OS user account running Jenkins...
CVE-2020-2098
A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attacker to execute arbitrary OS commands as the OS user account running Jenkins...
CVE-2020-2097
Jenkins Sounds Plugin 0.5 and earlier does not perform permission checks in URLs performing form validation, allowing attackers with Overall/Read access to execute arbitrary OS commands as the OS user account running Jenkins...
CVE-2020-2097
Jenkins Sounds Plugin 0.5 and earlier does not perform permission checks in URLs performing form validation, allowing attackers with Overall/Read access to execute arbitrary OS commands as the OS user account running Jenkins...
Cross site request forgery (csrf)
A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attacker to execute arbitrary OS commands as the OS user account running Jenkins...
Input validation
Jenkins Sounds Plugin 0.5 and earlier does not perform permission checks in URLs performing form validation, allowing attackers with Overall/Read access to execute arbitrary OS commands as the OS user account running Jenkins...
CVE-2020-2098
CVE-2020-2098 is a CSRF vulnerability in the Jenkins Sounds Plugin (version 0.5 and earlier). The issue allows an attacker to cause the Jenkins OS user to execute arbitrary OS commands, via cross-site request forgery, under the plugin’s vulnerable versions. The root cause is a missing CSRF protec...
CVE-2020-2097
Jenkins Sounds Plugin 0.5 and earlier does not perform permission checks in URLs performing form validation, allowing attackers with Overall/Read access to execute arbitrary OS commands as the OS user account running Jenkins...
CVE-2020-2097
Jenkins Sounds Plugin
CVE-2020-2098
A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attacker to execute arbitrary OS commands as the OS user account running Jenkins...
PT-2020-15304 · Jenkins · Jenkins Sounds Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Sounds Plugin version 0.5 and earlier Description: A cross-site request forgery issue allows an attacker to execute arbitrary OS commands as the OS user account running Jenkins. Recommendations: For Jenkins Sounds Plugin version 0.5 a...