10 matches found
WordPress Social proof testimonials and reviews by Repuso Plugin <= 5.01 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Social proof testimonials and reviews by Repuso; Type: Plugin; Vulnerable versions: <= 5.01; Fixed in: 5.02; OWASP Top 10: A5: Broken Access Control; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2023-45048; Patch priority: Low; CVSS severity: Low (5.4); PSID: f56e0249a9...
CVE-2018-1000851
Copay Bitcoin Wallet versions 5.01 to 5.1.0 inclusive contain an Other/Unknown vulnerability in wallet private key storage that can result in users' private keys being compromised. This attack appears to be exploitable via the affected versions running the malicious code at startup. This vulnerability...
Design/Logic Flaw
Copay Bitcoin Wallet versions 5.01 to 5.1.0 inclusive contain an Other/Unknown vulnerability in wallet private key storage that can result in users' private keys being compromised. This attack appears to be exploitable via the affected versions running the malicious code at startup. This vulnerability...
NetCat CMS Multiple Vulnerabilities
NetCat CMS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
PHP-Fusion 4/5 Setuser.PHP HTML Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/12853/info PHP-Fusion is reportedly affected by a HTML injection vulnerability. This issue is due to the application failing to properly sanitize user-supplied input passed to the 'setuser.php' script before using it in...
ActiveFax RAW Server < 5.01 beta Multiple Buffer Overflow Vulnerabilities
ActiveFax RAW Server is prone to multiple buffer overflow vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if(description)...
Movable Type Unspecified Security Bypass Vulnerability (Jan 2010)
Movable Type is prone to an unspecified security bypass vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
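PHPWind passport_client.php UPDATE Parameter Remote SQL Injection Vulnerability
PHPWind's implementation contains a variable filtering vulnerability. Remote attackers may exploit it to perform SQL injection attacks, operate on the database without authorization, and take full control of the forum. Variables in PHPWind's passport_client.php file are not initialized, so the following checks can be satisfied by constructing specific variable values: if!$passportifopen || $passporttype != 'client' exit"Passport closedPHPWind"; // can be bypassed by submitting "passportifopen =1&passporttype=client" ifmd5$action.$userdb.$forward.$passportkey != $verify...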
PHP-Fusion 4/5 - 'Setuser.php' HTML Injection
source: https://www.securityfocus.com/bid/12853/info PHP-Fusion is reportedly affected by a HTML injection vulnerability. This issue is due to the application failing to properly sanitize user-supplied input passed to the 'setuser.php' script before using it in dynamically generated content. This...
PHP-Fusion 4/5 - Setuser.php HTML Injection
PHP-Fusion 4/5 - Setuser.php HTML Injection. source: https://www.securityfocus.com/bid/12853/info PHP-Fusion is reportedly affected by a HTML injection vulnerability. This issue is due to the application failing to properly sanitize user-supplied input passed to the 'setuser.php' script before usin...