19 matches found
EUVD-2018-12928
Malware in sbrugna...
EUVD-2005-3016
Malware in sbrugna...
CVE-2024-1168
The SEOPress – On-site SEO plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's social image URL in all versions up to, and including, 7.9 due to insufficient input sanitization and output escaping on user supplied image URLs. This makes it possible for authenticated...
CVE-2024-23613
A buffer overflow vulnerability exists in Symantec Deployment Solution version 7.9 when parsing UpdateComputer tokens. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM...
PT-2024-19968 · Symantec · Symantec Deployment Solution
Name of the Vulnerable Software and Affected Versions: Symantec Deployment Solution version 7.9 Description: A buffer overflow vulnerability exists when parsing UpdateComputer tokens. A remote, anonymous attacker can exploit this issue to achieve remote code execution as SYSTEM. Recommendations:...
PT-2022-26939 · Unknown · Salon Booking System
Name of the Vulnerable Software and Affected Versions: Salon booking system versions prior to 7.9 Description: A cross-site scripting issue allows a remote unauthenticated attacker to inject an arbitrary script. Recommendations: For versions prior to 7.9, update to version 7.9 or later to resolve...
GitLab 7.9.x < 14.5.4, 14.6.x < 14.6.4, 14.7.x < 14.7.1 DNS Rebinding Vulnerability
GitLab is prone to a DNS rebinding vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitlab:gitlab"; if description...
SEO Redirection < 7.9 - Arbitrary Redirect Deletion via CSRF
The plugin does have CSRF in place, allowing attackers to make a logged-in admin delete arbitrary Custom and Post Redirects via a CSRF attack. v...
Opencast < 7.9, 8.0 < 8.9 Hostname Verification Vulnerability
Opencast is prone to a hostname verification vulnerability. Copyright (C) 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; y...
Security Bulletin: Vulnerabilities in libxml2 and zlib affect IBM RackSwitch Products
Summary: IBM RackSwitch Products listed below have addressed the following vulnerabilities in libxml2 and zlib. Vulnerability Details: CVEID: CVE-2016-4658...
CVE-2019-6110
In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server or Man-in-The-Middle attacker can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred...
HP Client 9.1/9.0/8.1/7.9 - Command Injection
Exploit Title: HP Client - Automation Command Injection Date: 10/10/2016 Exploit Author: SlidingWindow, Twitter: @kapilkhot Vendor Homepage: Previously HP, now http://www.persistentsys.com/ Version: Tested on version 7.9 but should work on 8.1, 9.0, 9.1...
WebGUI 7.9.x / 7.10.x <= 7.10.29 Search Field XSS
ManageEngine SupportCenter Plus < 7.9 Build 7917 attach Parameter Directory Traversal
The remote host is running a version of ManageEngine SupportCenter Plus prior to version 7.9 build 7917. It is, therefore, affected by a directory traversal vulnerability related to 'WorkOrder.do' and attachments that could allow an attacker to download sensitive files...
ManageEngine SupportCenter Plus < 7.9 Build 7905 Multiple Vulnerabilities
The remote host is running a version of ManageEngine SupportCenter Plus less than 7.9 build 7905. Such versions are affected by multiple vulnerabilities: - A SQL injection vulnerability in the 'countSql' parameter of the '/servlet/AJaxServlet' script. - Multiple stored cross-site scripting...
QuickEStore 7.9 SQL Injection
Title: QuickEStore v.7.9 SQL Injection and Path Disclosure Download Vulnerability | Author: indoushka | Home: Souk Naamane - 04325 - Oum El Bouaghi - Algeria...
PHP-Nuke 8.0 - sid SQL Injection
Version: tested on 7.9 & 6.0...
waraxe-2006-SA-044.txt
waraxe-2006-SA044: XSS in phpNuke 7.8 and older versions...
SecurityAlert SA025 : PHPNuke Remote Directory Traversal
Author: sp3x Date: 19. October 2005 Affected software: PHPNuke version: 7.8 - 7.9 + patch 3.1 Description: PHP-Nuke is a Web Portal System, storytelling software, News system, online community or whatever you want to call it. The goal of PHP-Nuke is to have a...