26 matches found
EUVD-2019-19017
Malware in sbrugna...
EUVD-2025-30660
Malicious code in bioql PyPI...
CVE-2025-57994
Authorization Bypass Through User-Controlled Key vulnerability in Sayful Islam Upcoming Events Lists upcoming-events-lists allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Upcoming Events Lists: from n/a through = 1.4.0...
CVE-2025-57994
Authorization Bypass Through User-Controlled Key vulnerability in Sayful Islam Upcoming Events Lists upcoming-events-lists allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Upcoming Events Lists: from n/a through = 1.4.0...
WordPress Upcoming Events Lists Plugin <= 1.4.0 - Insecure Direct Object References (IDOR) Vulnerability
Insecure Direct Object References IDOR Vulnerability discovered by Nabil Irawan in WordPress Plugin Upcoming Events Lists versions = 1.4.0...
CVE-2025-57994 WordPress Upcoming Events Lists Plugin <= 1.4.0 - Insecure Direct Object References (IDOR) Vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Sayful Islam Upcoming Events Lists allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Upcoming Events Lists: from n/a through 1.4.0...
CVE-2025-57994
Technical details are not publicly available in the provided documents for CVE-2025-57994 (Upcoming Events Lists). Monitor for updates and rely on official advisories for affected versions, impact, and fixes.
CVE-2025-57994 WordPress Upcoming Events Lists Plugin <= 1.4.0 - Insecure Direct Object References (IDOR) Vulnerability
Authorization Bypass Through User-Controlled Key vulnerability in Sayful Islam Upcoming Events Lists upcoming-events-lists allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Upcoming Events Lists: from n/a through = 1.4.0...
PT-2025-38844
Name of the Vulnerable Software and Affected Versions Sayful Islam Upcoming Events Lists versions through 1.4.0 Description An authorization bypass exists due to user-controlled keys and incorrectly configured access control security levels in Upcoming Events Lists. This allows for bypassing...
WordPress plugin Upcoming Events Lists security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, with the ability to host personal blog sites on PHP and MySQL based servers.WordPress...
Qualys Updates Login Page to Improve User Experience and Highlight Latest Qualys News
With an eye to updating the overall user experience UI, continuing to fortify security, and keeping you informed of the latest Qualys news, were optimizing our login at the end of May 2024. This UI overhaul of sorts aims not only to refresh the aesthetic appeal but also to integrate robust...
What Old is New Again and What's Old is Me?
Welcome to this weeks edition of the Threat Source newsletter. Whats old is new again and whats old is still old. The fact that we are seeing a comeback of this USB thumb drive nonsense is giving me heartburn, and a headache, and my left eye is twitching … and maybe numbness in my legs? Yes, I am...
Threat Source newsletter (Sept. 26)
Newsletter compiled by Jon Munshaw. Welcome to this week’s Threat Source newsletter — the perfect place to get caught up on all things Talos from the past week. An attacker known as “Tortoiseshell” is using a phony, malicious website to deliver malware. The site specifically targets U.S. military...
MyBB Upcoming Events Plugin 1.32 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: MyBB Upcoming Events Plugin 1.32 - Cross-Site Scripting Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=1231 Version: 1.32 Tested on: Ubuntu 18.04 CVE:...
MyBB Upcoming Events 1.32 Cross Site Scripting
Exploit Title: MyBB Upcoming Events Plugin 1.32 - Cross-Site Scripting Date: 3/8/2019 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=1231 Version: 1.32 Tested on: Ubuntu 18.04 CVE: CVE-2019-9650 1. Description: This plugin...
MyBB Upcoming Events Plugin 1.32 - Cross-Site Scripting
MyBB Upcoming Events Plugin 1.32 - Cross-Site Scripting Exploit Title: MyBB Upcoming Events Plugin 1.32 - Cross-Site Scripting Date: 3/8/2019 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=1231 Version: 1.32 Tested on: Ubuntu...
MyBB Upcoming Events Plugin 1.32 - Cross-Site Scripting
Exploit Title: MyBB Upcoming Events Plugin 1.32 - Cross-Site Scripting Date: 3/8/2019 Author: 0xB9 Twitter: @0xB9Sec Contact: 0xB9atpm.me Software Link: https://community.mybb.com/mods.php?action=view&pid=1231 Version: 1.32 Tested on: Ubuntu 18.04 CVE: CVE-2019-9650 1. Description: This plugin...
CVE-2019-9650
An XSS issue was discovered in upcomingevents.php in the Upcoming Events plugin before 1.33 for MyBB via a crafted name for an event...
CVE-2019-9650
An XSS issue was discovered in upcomingevents.php in the Upcoming Events plugin before 1.33 for MyBB via a crafted name for an event...
Cross site scripting
An XSS issue was discovered in upcomingevents.php in the Upcoming Events plugin before 1.33 for MyBB via a crafted name for an event...