PT-2024-33456 · Unknown · Akismet Htaccess Writer
Name of the Vulnerable Software and Affected Versions: Akismet htaccess writer versions 1.0.1 and earlier. Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS). This allows for Reflected XSS attacks. Recommendation...
RUSTSEC-2023-0095 Invalid Slice Split Results in Server Panic
A vulnerability was discovered in the odoh-rs Rust crate that stems from faulty logic during the parsing of encrypted queries. This issue specifically occurs when processing encrypted query data received from remote clients. Impact: An attacker with knowledge of this vulnerability could craft and...
PT-2023-17225
Name of the Vulnerable Software and Affected Versions: Akbim Computer Panon versions prior to 1.0.2. Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for SQL Injection attacks. Recommendations: F...
Nexevo Contact Form, Backdoor
Resolution: update to 1.0.2. Users should also check for the existence of a plugin called System - Section among their installed extensions. It is malware and needs to be removed and the site treated as hacked. Further information here:...
Calendar Planner 1.0.1 - SQL Injection
Resolution: update to 1.0.2. Update notice: http://www.joomlathat.com/news/news/calendar-planner/calendar-planner-1-0-2-security-release...