CVE-2024-49623

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in hasan movahed Duplicate Title Validate duplicate-title-validate allows Blind SQL Injection.This issue affects Duplicate Title Validate: from n/a through = 1.0...

CVE-2024-49623 WordPress Duplicate Title Validate plugin <= 1.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in hasan movahed Duplicate Title Validate duplicate-title-validate allows Blind SQL Injection.This issue affects Duplicate Title Validate: from n/a through = 1.0...

CVE-2024-49623

CVE-2024-49623 affects the WordPress plugin Duplicate Title Validate (versions n/a through 1.0). Described as an SQL Injection vulnerability due to improper neutralization of input, enabling Blind SQL Injection. Public details show the affected plugin and CVE in multiple feeds (WordPress/NVD, Pat...

CVE-2024-49623 WordPress Duplicate Title Validate plugin <= 1.0 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in hasan movahed Duplicate Title Validate duplicate-title-validate allows Blind SQL Injection.This issue affects Duplicate Title Validate: from n/a through = 1.0...

PT-2024-33578 · WordPress · Duplicate Title Validate

Name of the Vulnerable Software and Affected Versions: Duplicate Title Validate versions n/a through 1.0 Description: The issue is related to an SQL Injection vulnerability, specifically an improper neutralization of special elements used in an SQL command. This allows for Blind SQL Injection,...

WordPress plugin Duplicate Title Validate SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

WordPress Duplicate Title Validate plugin <= 1.0 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Muhamad Agil Fachrian Patchstack Alliance in WordPress Plugin Duplicate Title Validate versions = 1.0...

WordPress Duplicate Title Validate Plugin <= 1.0 is vulnerable to SQL Injection

Software Duplicate Title Validate Type Plugin Vulnerable versions = 1.0 Fixed in N/A OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2024-49623 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 62fe8295ce3c Credits Muhamad Agil Fachrian Required privilege...

CVE-2024-46802

...

CVE-2024-9687

The WP 2FA with Telegram plugin for WordPress is vulnerable to Authentication Bypass in versions up to, and including, 3.0. This is due to insufficient validation of the user-controlled key on the 'validatetg' action. This makes it possible for authenticated attackers, with subscriber-level...

PT-2024-39763 · WordPress · Wp 2Fa With Telegram

Name of the Vulnerable Software and Affected Versions: WP 2FA with Telegram plugin for WordPress versions up to, and including, 3.0 Description: The issue is due to insufficient validation of the user-controlled key on the 'validate tg' action. This makes it possible for authenticated attackers,...

Malicious code in pt-validate (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ce4c091ee99f34bd672788b16dab6db4b2d09b61bf4a01116168d840902586c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-9245 Malicious code in pt-validate (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ce4c091ee99f34bd672788b16dab6db4b2d09b61bf4a01116168d840902586c4 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2024-47663

Technical details about CVE-2024-47663 are not provided in the supplied documents. The entries summarize a kernel fix in ad9834 frequency handling but do not include vendor/product specifics or patch details. Monitor for updates.

CVE-2024-21533

All versions of the package ggit are vulnerable to Arbitrary Argument Injection via the clone API, which allows specifying the remote URL to clone and the file on disk to clone to. The library does not sanitize for user input or validate a given URL scheme, nor does it properly pass command-line...

SUSE CVE-2024-46802

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: added NULL check at start of dcvalidatestream Why prevent invalid memory access How check if dc and stream are NULL...

DEBIAN-CVE-2024-46814

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check msgid before processing transcation WHY & HOW HDCPMESSAGEIDINVALID -1 is not a valid msgid nor is it a valid array index, and it needs checking before used. This fixes 4 OVERRUN issues reported by Coverity...

DEBIAN-CVE-2024-46802

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: added NULL check at start of dcvalidatestream Why prevent invalid memory access How check if dc and stream are NULL...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not checking that dc and stream are NULL before executing the dcvalidatestream function.No details of the...

PT-2024-32329 · Dataease · Dataease

Name of the Vulnerable Software and Affected Versions: DataEase versions prior to 2.10.1 Description: The issue allows an attacker to achieve remote command execution by adding a carefully constructed h2 data source connection string. This can be done by sending a POST request to the...