CVE-2023-32104

Cross-Site Request Forgery CSRF vulnerability in Mark Tilly MyCurator Content Curation plugin = 3.74 versions...

CVE-2024-31224

GPT Academic provides interactive interfaces for large language models. A vulnerability was found in gptacademic versions 3.64 through 3.73. The server deserializes untrustworthy data from the client, which may risk remote code execution. Any device that exposes the GPT Academic service to the...

CVE-2024-31224

GPT Academic’s CVE-2024-31224 affects versions 3.64–3.73 of the GPT Academic interface. The root cause is unsafe deserialization of data from the client, which may allow remote code execution when the service is exposed to the Internet. The issue is mitigated by upgrading to version 3.74, which c...

CVE-2024-31224 GPT Academic: Pickle deserializing cookies may pose RCE risk

GPT Academic provides interactive interfaces for large language models. A vulnerability was found in gptacademic versions 3.64 through 3.73. The server deserializes untrustworthy data from the client, which may risk remote code execution. Any device that exposes the GPT Academic service to the...

CVE-2023-23324

Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...

CVE-2023-23324

Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain hardcoded credentials for the Administrator account...

Zumtobel Netlink CCD Onboard Security Breach

The Zumtobel Netlink CCD Onboard is a gateway control unit device from Zumtobel Austria. A security vulnerability exists in the Zumtobel Netlink CCD Onboard 3.74 onboard version 3.80 firmware version, which originates when the system contains hard-coded credentials for the administrator account...

WordPress Plugin MyCurator Content Curation 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

Popup Builder < 3.74 - Authenticated Reflected Cross-Site Scripting (XSS)

The "All Subscribers" setting page of Popup Builder was vulnerable to reflected Cross-Site Scripting. PoC http://example.com/wp-admin/edit.php?posttype=popupbuilder=sgpbSubscribers&sgpb-subscribers-date;=%22%3E%3Cscript%3Ealert%28origin%29%3C%2Fscript%3E Video:...

SigPlus Pro ActiveX Control 'LCDWriteString()' Buffer Overflow Vulnerability

This host is installed with SigPlus Pro ActiveX Control and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbsigplusproactivexcontrolbofvuln.nasl 5373 2017-02-20 16:27:48Z teissa $ SigPlus Pro ActiveX Control 'LCDWriteString' Buffer Overflow Vulnerability Authors: Soor...