3 matches found
CVE-2026-8608
The Event Monster – Event Management, Events Calendar, Tickets plugin for WordPress is vulnerable to Insufficient Verification of Data Authenticity in versions up to, and including, 2.1.0. This is due to the capturepayment AJAX handler registered via wpajaxnoprivemcapturepayment trusting...
DEBIAN-CVE-2022-45141
Since the Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability was disclosed by Microsoft on Nov 8 2022 and per RFC8429 it is assumed that rc4-hmac is weak, Vulnerable Samba Active Directory DCs will issue rc4-hmac encrypted tickets despite the target server supporting better encryption...
Struts2 Remote Command Execution Vulnerability in Palm Ticket Issuance System
Pocket Airline Ticket Issuance System is a ticket issuance system of Beijing Aihong Technology Co. A Struts2 remote command execution vulnerability exists in the Pocket Ticket Issuance System. This vulnerability allows an attacker to remotely execute commands to gain server privileges...