22 matches found
CVE-2024-37933
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in anhvnit Woocommerce OpenPos. This issue affects Woocommerce OpenPos: from n/a through 6.4.4...
WordPress plugin Woocommerce OpenPos SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A SQL injection...
PT-2024-22243 · Apiris · Apiris Kafeo
Name of the Vulnerable Software and Affected Versions: Apiris Kafeo version 6.4.4 Description: An issue was discovered that permits a bypass of the protection in place, allowing access to the data stored in the embedded database file. Recommendations: For Apiris Kafeo version 6.4.4, at the moment...
PT-2023-24302 · Really Simple Plugins · Really Simple Plugins Complianz Premium +1
Name of the Vulnerable Software and Affected Versions: Really Simple Plugins Complianz versions through 6.4.4 Really Simple Plugins Complianz Premium versions through 6.4.6.1 Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability that also allows Cross-Site Scripting (XSS) in...
Cross site scripting
An improper neutralization of input during web page generation 'cross-site scripting' in Fortinet FortiAnalyzer version 6.0.6 and below, version 6.4.4 allows attacker to execute unauthorized code or commands via specifically crafted requests to the web GUI...
Fortinet FortiManager Security Vulnerability
Fortinet FortiManager is a centralized network security management platform from Fortinet. The platform supports centralized management of any number of Fortinet devices, and can group devices into different management domains (ADOM) to further simplify the deployment and management of multi-device...
CVE-2021-24013
Multiple Path traversal vulnerabilities in the Webmail of FortiMail before 6.4.4 may allow a regular user to obtain unauthorized access to files and data via specifically crafted web requests...
Wing FTP Cross-Site Scripting Vulnerability
Wing FTP Server is a cross-platform FTP server software. A cross-site scripting vulnerability exists in Wing FTP version 6.4.4, where an arbitrary IFRAME element can be included in a help page via a specially crafted link, which can be exploited by an attacker to execute sandbox arbitrary HTML an...
Libre Office Multiple Vulnerabilities (Jun 2020) - Linux
Libre Office is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:libreoffice:libreoffice";...
LibreOffice Multiple Vulnerabilities (Jun 2020) - Windows
LibreOffice is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:libreoffice:libreoffice";...
Deserialization of untrusted data
ODF documents can contain forms to be filled out by the user. Similar to HTML forms, the contained form data can be submitted to a URI, for example, to an external web server. To create submittable forms, ODF implements the XForms W3C standard, which allows data to be submitted without the need f...
Design/Logic Flaw
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed...
CVE-2020-12802 remote graphics contained in docx format retrieved in 'stealth mode'
LibreOffice has a 'stealth mode' in which only documents from locations deemed 'trusted' are allowed to retrieve remote resources. This mode is not the default mode, but can be enabled by users who want to disable LibreOffice's ability to include remote resources within a document. A flaw existed...
Splunk Enterprise HTTP Request Injection Vulnerability (SP-CAAAPSR)
Splunk Enterprise is prone to an HTTP request injection vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Red Hat JBoss Enterprise Application Platform (EAP) < 6.4.4 Multiple Vulnerabilities
Red Hat JBoss Enterprise Application Platform (EAP) is prone to multiple vulnerabilities. Copyright (C) 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...
Splunk Enterprise SSRF Vulnerability (SP-CAAAPSR)
Splunk Enterprise is prone to a server-side request forgery (SSRF) vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
iBackDoor: suspected back door affecting iOS apps, high-risk code-bug warning - the black bar safety net
Recently, FireEye Mobile Security researchers discovered suspected "back door" behavior in the mobiSage advertising library embedded in iOS apps, and these applications are from the App Store. The researchers named the potential back door iBackDoor, allowing hackers...
GL-SH Deaf Forum <= 6.4.4 - Local File Inclusion Vulnerabilities
No description provided by source. GL-SH Deaf Board Version = 6.4.4 local file inclusion download: http://www.frank-karau.de/download/Deafforumversion6.4.3.zip found by: Katatafish [email protected] google dork:2005 www.frank-karau.de | 2006 www.frank-karau.de exploit:...
GL-SH Deaf Forum 6.4.4 - Local File Inclusion
GL-SH Deaf Board Version = 6.4.4 local file inclusion download: http://www.frank-karau.de/download/Deafforumversion6.4.3.zip found by: Katatafish [email protected] google dork:"2005 www.frank-karau.de" | "2006 www.frank-karau.de" exploit:...
GL-SH Deaf Forum 6.4.4 - Local File Inclusion
GL-SH Deaf Forum 6.4.4 - Local File Inclusion GL-SH Deaf Board Version = 6.4.4 local file inclusion download: http://www.frank-karau.de/download/Deafforumversion6.4.3.zip found by: Katatafish [email protected] google dork:"2005 www.frank-karau.de" | "2006 www.frank-karau.de" exploit:...