11 matches found
LibreNMS security vulnerabilities
LibreNMS is an open-source network monitoring system developed by the LibreNMS community, based on PHP and MySQL. This system features custom alerts, automatic discovery of networks, and automatic updates. Version 1.46 of LibreNMS contains a security vulnerability, which stems from improper...
CVE-2023-25964
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Noah Hearle, Design Extreme We’re Open! plugin = 1.46 versions...
Appsmith 安全漏洞
Appsmith is an open source platform for building, deploying, and maintaining on-premise applications from Appsmith Open Source. A security vulnerability exists in Appsmith prior to version 1.46 that stems from the retrieval of AWS metadata credentials via cross-site request forgery...
PT-2024-34622 · Appsmith · Appsmith
Name of the Vulnerable Software and Affected Versions: AppSmith Community versions 1.8.3 through 1.46 Description: The issue allows for Server-Side Request Forgery SSRF via the New DataSource feature for application/json requests to the IP address 169.254.169.254, which is used to retrieve AWS...
CVE-2023-25964
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Noah Hearle, Design Extreme We’re Open! plugin = 1.46 versions...
PT-2023-20391 · Unknown · Design Extreme We’Re Open!
Name of the Vulnerable Software and Affected Versions: Design Extreme We’re Open! plugin versions 1.46 and earlier Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. Recommendations: For Design Extreme We’re...
WordPress We’re Open! Plugin <= 1.46 is vulnerable to Cross Site Scripting (XSS)
Software We’re Open! Type Plugin Vulnerable versions = 1.46 Fixed in 1.47 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25964 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 7dec04029e56 Credits TaeEun Lee Required privilege...
CVE-2022-35911
On Patlite NH-FB series devices through 1.46, remote attackers can cause a denial of service by omitting the query string. NOTE: the vendor's perspective is that "omitting the query string does not cause a denial of service and the indicated event can not be reproduced...
PT-2022-23017 · Patlite · Patlite Nh-Fb Series
Name of the Vulnerable Software and Affected Versions: Patlite NH-FB series devices through 1.46 Description: Remote attackers can cause a denial of service by omitting the query string. However, the vendor's perspective is that omitting the query string does not cause a denial of service and the...
WordPress SrbTransLatin Plugin Cross-Site Scripting Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform using PHP language development , the platform supports in PHP and MySQL server set up personal blog site . SrbTransLatin plugin is used in one of the language conversion plugin . A cross-site scripting vulnerability exists ...
gCards <= 1.46 SQL Injection/Remote Code Execution Exploit
No description provided by source. !/usr/bin/php -q -d shortopentag=on ?php errorreporting0; iniset"maxexecutiontime",0; iniset"defaultsockettimeout",5; if $argc4 print "-------------------------------------------------------------------------\r\n"; print " gCards = 1.46 SQL Injection/Remote Code...