222 matches found
CVE-2023-1289
A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial o...
SUSE CVE-2011-2753
Multiple cross-site request forgery CSRF vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving 1 the empty trash implementation and 2 the Index Order aka optionsorder page, a different issue than...
Apache Zeppelin input validation error vulnerability
Apache Zeppelin is a Web-based open source notebook application from the Apache Foundation that supports interactive data analysis and collaborative documentation. Apache Zeppelin is vulnerable to an input validation error that results from improper input validation in its Move folder to Trash...
Apache Zeppelin 输入验证错误漏洞
Apache Zeppelin is a Web-based open source notebook application from the Apache Foundation that supports interactive data analysis and collaborative documentation. Apache Zeppelin is vulnerable to an input validation error that results from improper input validation in its Move folder to Trash...
PT-2022-9904 · Apache · Apache Zeppelin
Name of the Vulnerable Software and Affected Versions: Apache Zeppelin versions 0.9.0 and prior versions Description: The issue is related to improper Input Validation in the "Move folder to Trash" feature of Apache Zeppelin, allowing an attacker to delete arbitrary files. Recommendations: For...
Documents in trash accessible by Viewer role
Description Once a document is archived or deletec, there is no way to access it through the UI or the Document link. But, the API gives the file information and content. This is same with archived files. Proof of Concept 1. Give a user Viewer role. 2. Visit https://your.getoutline.com/trash or...
CVE-2021-25116
The Enqueue Anything WordPress plugin through 1.0.1 does not have authorisation and CSRF checks in the removeasset AJAX action, and does not ensure that the item to be deleted is actually an asset. As a result, low privilege users such as subscriber could delete arbitrary assets, as well as put...
CVE-2021-25116
The Enqueue Anything WordPress plugin through 1.0.1 does not have authorisation and CSRF checks in the removeasset AJAX action, and does not ensure that the item to be deleted is actually an asset. As a result, low privilege users such as subscriber could delete arbitrary assets, as well as put...
PT-2022-9671 · WordPress · Enqueue Anything
Name of the Vulnerable Software and Affected Versions: Enqueue Anything WordPress plugin versions 1.0.0 through 1.0.1 Description: The issue is related to the lack of authorization and CSRF checks in the remove asset AJAX action. This allows low-privilege users, such as subscribers, to delete...
Visual Form Builder < 3.0.8 - Entries Deletion/Restoration via CSRF
The plugin does not enforce nonce checks which could allow attackers to make a logged in admin or editor delete and restore arbitrary form entries via CSRF attacks Single entry trash: https://example.com/wp-admin/admin.php?page=vfb-entries&action=trash&entry=2 Since entry permanent deletion:...
An Optical Spy Trick Can Turn Any Shiny Object Into a Bug
Anything from a metallic Rubik’s cube to an aluminum trash can inside a room could give away your private conversations...
Session fixation
Apostrophe CMS versions prior to 3.3.1 did not invalidate existing login sessions when disabling a user account or changing the password, creating a situation in which a device compromised by a third party could not be locked out by those means. As a mitigation for older releases the user account...
WordPress: Allow authenticated users can edit, trash,and add new in BuddyPress Emails function
Description: Allow author can edit, trash,and add new your posts in BuddyPress Emails function And editor can edit,trash, add new any posts in BuddyPress Emails default. Steps To Reproduce: Step 1 : Create two accounts: Admin and Author Step 2: Login with admin account. In admin account, give...
CVE-2020-10456
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/trash-box.php by adding a question mark ? followed by the payload...
CVE-2020-10456
The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/trash-box.php by adding a question mark ? followed by the payload...
PT-2020-12126 · Chadha · Chadha Phpkb Standard Multi-Language
Name of the Vulnerable Software and Affected Versions: Chadha PHPKB Standard Multi-Language version 9 Description: The issue concerns the handling of URIs in admin/header.php, which allows for Reflected XSS attacks. This can be exploited by injecting arbitrary web script or HTML in...
The vulnerability of Blink’s web page display mechanism in the Google Chrome web browser allows attackers to compromise data integrity, gain unauthorized access to protected information, and cause service interruptions.
The vulnerability of Blink’s web page rendering mechanism in the Google Chrome browser is related to the reutilization of dynamic memory after it is freed by a “trash collector”. Exploiting this vulnerability can allow an attacker to compromise data integrity, gain unauthorized access to protecte...
CVE-2018-14575
Trash Bin plugin 1.1.3 for MyBB has cross-site scripting XSS via a thread subject and a cross-site request forgery CSRF via a post subject...
CVE-2018-14575
Trash Bin plugin 1.1.3 for MyBB has cross-site scripting XSS via a thread subject and a cross-site request forgery CSRF via a post subject...
CVE-2018-14575
Trash Bin plugin 1.1.3 for MyBB has cross-site scripting XSS via a thread subject and a cross-site request forgery CSRF via a post subject...