35 matches found
EUVD-2007-5674
Malware in sbrugna...
EUVD-2022-0766
Malicious code in bioql PyPI...
EUVD-2022-0923
Malicious code in bioql PyPI...
CVE-2022-25212
A cross-site request forgery (CSRF) vulnerability in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers to connect to an attacker-specified web server using attacker-specified credentials...
CVE-2022-25211
A missing permission check in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server using attacker-specified credentials...
SUSE CVE-2007-5702
Cross-site scripting (XSS) vulnerability in swamp/action/LoginActions aka the login box in the Novell OpenSUSE SWAMP Workflow Administration and Management Platform 1.x allows remote attackers to inject arbitrary web script or HTML via the username parameter. NOTE: some of these details are obtaine...
Jenkins SWAMP Plugin Access Control Error Vulnerability
Jenkins plug-ins are plug-ins that provide functionality for Jenkins. The Jenkins SWAMP Plugin Access Control Error vulnerability can be exploited by an attacker to connect to the attacker's specified web server using the attacker's specified credentials...
Jenkins SWAMP Plugin Cross-Site Request Forgery Vulnerability
Jenkins plug-ins are plug-ins that provide appropriate functionality for Jenkins. Jenkins SWAMP Plugin cross-site request forgery vulnerability. An attacker with general or read privileges can exploit this vulnerability to connect to a specified URL using a specified credential ID to capture...
Missing permission check in Jenkins SWAMP Plugin allows capturing credentials
SWAMP Plugin 1.2.6 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials...
GHSA-8P8Q-WVXX-JQ94 Missing permission check in Jenkins SWAMP Plugin allows capturing credentials
SWAMP Plugin 1.2.6 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials...
GHSA-2PJ6-5HQC-W5X9 CSRF vulnerability in Jenkins SWAMP Plugin allows capturing credentials
SWAMP Plugin 1.2.6 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials...
CSRF vulnerability in Jenkins SWAMP Plugin allows capturing credentials
SWAMP Plugin 1.2.6 and earlier does not perform a permission check in a method implementing form validation. This allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials...
CVE-2022-25212
A cross-site request forgery (CSRF) vulnerability in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers to connect to an attacker-specified web server using attacker-specified credentials...
CVE-2022-25211
A missing permission check in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server using attacker-specified credentials...
CVE-2022-25211
A missing permission check in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server using attacker-specified credentials...
CVE-2022-25212
A cross-site request forgery (CSRF) vulnerability in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers to connect to an attacker-specified web server using attacker-specified credentials...
CVE-2022-25211
A missing permission check in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server using attacker-specified credentials...
CVE-2022-25212
A cross-site request forgery (CSRF) vulnerability in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers to connect to an attacker-specified web server using attacker-specified credentials...
Design/Logic Flaw
A missing permission check in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified web server using attacker-specified credentials...
Cross site request forgery (csrf)
A cross-site request forgery (CSRF) vulnerability in Jenkins SWAMP Plugin 1.2.6 and earlier allows attackers to connect to an attacker-specified web server using attacker-specified credentials...