Lucene search
K

71 matches found

CNNVD
CNNVD
added 2022/10/03 12:0 a.m.4 views

WordPress plugin Donation Thermometer 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plug-in. cross-site scripting vulnerability exists in versions prior to WordPress Donation Thermometer 2.1.3. The...

4.8CVSS5.7AI score0.00554EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2022/10/03 12:0 a.m.3 views

PT-2022-20662 · WordPress · Donation Thermometer

Name of the Vulnerable Software and Affected Versions: Donation Thermometer WordPress plugin versions prior to 2.1.3 Description: The issue allows high privilege users, such as admins, to perform Stored Cross-Site Scripting attacks. This can occur even when the unfiltered html capability is...

4.8CVSS4.6AI score0.00554EPSS
Exploits2References6
WPVulnDB
WPVulnDB
added 2022/09/07 12:0 a.m.11 views

Donation Thermometer < 2.1.3 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup PoC Put the following payload in the Settings...

4.8CVSS0.4AI score0.00554EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2022/09/07 12:0 a.m.422 views

Donation Thermometer < 2.1.3 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup Put the following payload in the Settings...

4.8CVSS0.1AI score0.00554EPSS
Exploits2
Patchstack
Patchstack
added 2022/09/07 12:0 a.m.22 views

WordPress Donation Thermometer plugin <= 2.1.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Asif Nawaz Minhas in WordPress Donation Thermometer plugin versions = 2.1.2. Solution Update the WordPress Donation Thermometer plugin to the latest available version at least 2.1.3...

4.8CVSS2.3AI score0.00554EPSS
Exploits2References1Affected Software1
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/06/20 8:22 p.m.2 views

Malicious code in meshblu-connector-arc-thermometer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9f1869e723aea9d866700e89b3eaa39a2866762e0d10d4bebe7419833a14567e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/06/20 8:22 p.m.5 views

MAL-2022-4565 Malicious code in meshblu-connector-arc-thermometer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9f1869e723aea9d866700e89b3eaa39a2866762e0d10d4bebe7419833a14567e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
NVD
NVD
added 2019/08/26 1:15 p.m.29 views

CVE-2019-15304

Lierda Grill Temperature Monitor V1.0050006 has a default password of admin for the admin account, which allows an attacker to cause a Denial of Service or Information Disclosure via the undocumented access-point configuration page located on the device. This wifi thermometer app requests and...

9.1CVSS9.1AI score0.03376EPSS
Exploits1References4
Prion
Prion
added 2019/08/26 1:15 p.m.20 views

Default credentials

Lierda Grill Temperature Monitor V1.0050006 has a default password of admin for the admin account, which allows an attacker to cause a Denial of Service or Information Disclosure via the undocumented access-point configuration page located on the device. This wifi thermometer app requests and...

6.4CVSS9AI score0.03376EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2019/08/26 12:35 p.m.42 views

CVE-2019-15304

CVE-2019-15304 affects ProGrade/Lierda Grill Temperature Monitor V1.00_50006. A default admin password enables an attacker to cause Denial of Service or Information Disclosure through the device’s undocumented access-point configuration page. The vulnerability stems from hard-coded credentials (a...

9.1CVSS9AI score0.03376EPSS
Exploits1References4Affected Software1
Exploit DB
Exploit DB
added 2018/10/16 12:0 a.m.566 views

Heatmiser Wifi Thermostat 1.7 - Credential Disclosure

Exploit Title: Heatmiser Wifi Thermostat 1.7 - Credential Disclosure Dork: intitle:"Heatmiser Wifi Thermostat" Date: 2018-08-17 Exploit Author: d0wnp0ur Original Discoverer: Andrew Tierney Vendor Lnk: https://www.heatmiser.com/en/ Product Link: https://www.heatmiser.com/en/wireless-thermostats/...

7.4AI score
Exploits0
HackRead
HackRead
added 2018/04/16 2:41 p.m.69 views

Hackers attack Casino’s fish tank thermometer to obtain sensitive data

By Waqas The Internet of Things IoT has transformed the way we This is a post from HackRead.com Read the original post: Hackers attack Casino’s fish tank thermometer to obtain sensitive data...

3.1AI score
Exploits0
The Hacker News
The Hacker News
added 2018/04/16 10:14 a.m.85 views

Casino Gets Hacked Through Its Internet-Connected Fish Tank Thermometer

Internet-connected technology, also known as the Internet of Things IoT, is now part of daily life, with smart assistants like Siri and Alexa to cars, watches, toasters, fridges, thermostats, lights, and the list goes on and on. But of much greater concern, enterprises are unable to secure each a...

0.2AI score
Exploits0
Packet Storm
Packet Storm
added 2016/06/16 12:0 a.m.55 views

Papouch Backdoor Account / CSRF / Missing Authentication

+++++ Vulnerable Products 1. Papouch TME Ethernet thermometer 2. Papouch TME multi: Temperature and humidity via Ethernet All versions affected TME - Ethernet Thermometer http://www.papouch.com/en/shop/product/tme-ip-ethernet-thermometer/ TME multi: Temperature and humidity via Ethernet...

0.8AI score
Exploits0
hackapp
hackapp
added 2016/04/01 9:38 a.m.8 views

Smart Thermometer - Exported components, External URLs, Suspicious files vulnerabilities

HackApp vulnerability scanner discovered that application Smart Thermometer published at the 'play' market has multiple vulnerabilities...

0.3AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:36 a.m.15 views

DS Thermometer - Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application DS Thermometer published at the 'play' market has multiple vulnerabilities...

1.1AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:36 a.m.9 views

S4 Thermometer 3DHD - Dynamic Code Loading, External URLs, Unsafe deleting vulnerabilities

HackApp vulnerability scanner discovered that application S4 Thermometer 3DHD published at the 'play' market has multiple vulnerabilities...

0.5AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:36 a.m.10 views

Thermometer - Dynamic Code Loading, External URLs, Unsafe deleting vulnerabilities

HackApp vulnerability scanner discovered that application Thermometer published at the 'play' market has multiple vulnerabilities...

0.5AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:36 a.m.11 views

Smart Thermometer - Customized SSL, Dangerous filesystem permissions, WebView SSL handling enabled vulnerabilities

HackApp vulnerability scanner discovered that application Smart Thermometer published at the 'play' market has multiple vulnerabilities...

0.3AI score
Exploits0References1Affected Software1
hackapp
hackapp
added 2016/04/01 9:36 a.m.11 views

Thermometer - Dynamic Code Loading, External URLs, Unsafe deleting vulnerabilities

HackApp vulnerability scanner discovered that application Thermometer published at the 'play' market has multiple vulnerabilities...

0.5AI score
Exploits0References1Affected Software1
Rows per page
Query Builder