3 matches found
Improper Encoding or Escaping of Output
Overview shescape is a simple shell escape library Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output in the escape function. An attacker can cause unintended expansion of shell arguments by supplying input containing square brackets, which may result in...
WordPress IDonate plugin 2.0.0 - 2.1.9 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Deletion via admin_post_donor_delete Function vulnerability
WordPress IDonate plugin 2.0.0 - 2.1.9 - Insecure Direct Object Reference to Authenticated Subscriber+ Arbitrary User Deletion via adminpostdonordelete Function vulnerability discovered by kr0d in WordPress Plugin IDonate versions 2.0.0-2.1.9...
PT-2022-26150 · Lancet +1 · Lancet +1
Name of the Vulnerable Software and Affected Versions: Lancet versions prior to 2.1.10 Lancet versions prior to 1.3.4 Description: The issue is a ZipSlip problem that occurs when using the fileutil package to unzip files. This can be exploited when using the fileutil package. No information is...