71 matches found
CVE-2017-1000239
InvoicePlane version 1.4.10 is vulnerable to stored cross-site scripting, which allows an authenticated user to inject malicious client-side script that is executed in the browser of users who visit the manipulated site...
CVE-2024-30494
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in 沈唁 OSS Aliyun. This issue affects OSS Aliyun: from n/a through 1.4.10...
PT-2024-17250 · WordPress · Pcrecruiter Extensions
Name of the Vulnerable Software and Affected Versions: PCRecruiter Extensions plugin for WordPress versions up to, and including, 1.4.10. Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'PCRecruiter' shortcode due to insufficient input sanitization and output...
WordPress plugin PCRecruiter Extensions cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripti...
CVE-2024-9209
The WP Search Analytics plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.4.10. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...
WordPress WP Search Analytics plugin <= 1.4.10 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by vgo0 in WordPress Plugin WP Search Analytics versions <= 1.4.10...
WordPress plugin WP Search Analytics cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site...
PT-2024-39491 · WordPress · Wp Search Analytics
Name of the Vulnerable Software and Affected Versions: WP Search Analytics plugin for WordPress versions up to, and including, 1.4.10. Description: The WP Search Analytics plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate...
PT-2024-12166 · Codepeople · Codepeople Cp Multi View Event Calendar
Name of the Vulnerable Software and Affected Versions: CodePeople CP Multi View Event Calendar versions 1.4.10 and earlier. Description: The issue is related to a Missing Authorization vulnerability, allowing functionality misuse in the CodePeople CP Multi View Event Calendar. Recommendations: For...
WordPress OSS Aliyun Plugin <= 1.4.10 is vulnerable to SQL Injection
Software: OSS Aliyun; Type: Plugin; Vulnerable versions: <= 1.4.10; Fixed in: 1.4.11; OWASP Top 10: A3: Injection; Classification: SQL Injection; CVE: CVE-2024-30494; Patch priority: Low; CVSS severity: Low 7.6; PSID: f4acc3b1af32; Credits: Majed Refaea; Required privilege: Administrator...
HashiCorp Nomad security vulnerability
HashiCorp Nomad is a simple and flexible scheduler and orchestrator from HashiCorp USA for managing containerized and non-containerized applications at scale, both locally and in the cloud. A security vulnerability exists in HashiCorp Nomad and Nomad Enterprise that stems from the use of unlabele...
CVE-2023-31060
Repetier Server through 1.4.10 executes as SYSTEM. This can be leveraged in conjunction with CVE-2023-31059 for full compromise...
CVE-2023-31061
Repetier Server through 1.4.10 does not have CSRF protection...
Repetier Server security vulnerability
Repetier Server is a free desktop application from Repetier Server, Inc. A security vulnerability exists in Repetier Server versions 1.4.10 and earlier that originates from allowing operations to be performed as SYSTEM...
Repetier Server path traversal vulnerability
Repetier Server is a free desktop application from Repetier Server, Inc. A security vulnerability exists in Repetier Server version 1.4.10 and prior versions that stems from the presence of a directory traversal vulnerability...
Repetier Server cross-site request forgery vulnerability
Repetier Server is a free desktop application from Repetier Server, Inc. A security vulnerability exists in Repetier Server version 1.4.10 and prior versions that stems from the lack of cross-site request forgery protection...
OESA-2023-1214 zstd security update
Zstd is a fast lossless compression algorithm. It's backed by a very fast entropy stage, provided by Huff0 and FSE library. It's a real-time compression scenario for zlib levels and has a better compression ratio. Security Fixes: A vulnerability was found in zstd v1.4.10, where an attacker can...
A vulnerability was found in zstd v1.4.10 where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.
...
DEBIAN-CVE-2022-4899
A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun...
WordPress Store Locator WordPress Plugin <= 1.4.9 is vulnerable to Cross Site Scripting (XSS)
Software: Store Locator WordPress; Type: Plugin; Vulnerable versions: <= 1.4.9; Fixed in: 1.4.10; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Scripting (XSS); CVE: CVE-2023-27618; Patch priority: Low; CVSS severity: Low 5.9; PSID: fa355c2bcc3a; Credits: Abdi Pranata...