13 matches found
EUVD-2024-31297
Malicious code in bioql PyPI...
CVE-2024-33564
Missing Authorization vulnerability in 8theme XStore. This issue affects XStore: from n/a through 9.3.8...
CVE-2024-33563
Missing Authorization vulnerability in 8theme XStore. This issue affects XStore: from n/a through 9.3.8...
WordPress plugin XStore security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
PT-2024-25329 · 8Theme · 8Theme Xstore
Name of the Vulnerable Software and Affected Versions: 8theme XStore versions n/a through 9.3.8. Description: A Missing Authorization vulnerability affects 8theme XStore. The issue allows for exploitation due to missing authorization checks. No information is provided about the estimated number of...
WordPress XStore theme <= 9.3.8 - Unauthenticated Local File Inclusion vulnerability
Unauthenticated Local File Inclusion vulnerability discovered by Rafie Muhammad Patchstack in WordPress Theme XStore versions <= 9.3.8...
WordPress XStore theme <= 9.3.8 - Unauthenticated SQL Injection vulnerability
Unauthenticated SQL Injection vulnerability discovered by Rafie Muhammad Patchstack in WordPress Theme XStore versions <= 9.3.8...
WordPress XStore Theme <= 9.3.8 is vulnerable to Local File Inclusion
Software: XStore; Type: Theme; Vulnerable versions: <= 9.3.8; Fixed in: 9.3.9; OWASP Top 10: A3: Injection; Classification: Local File Inclusion; CVE: CVE-2024-33560; Patch priority: High; CVSS severity: High 9; PSID: 6dff12fe54af; Credits: Rafie Muhammad Patchstack; Required privilege...
FreeBSD : Grafana -- Stored XSS in TraceView panel (e7841611-b808-11ed-b695-6c3be5272acd)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e7841611-b808-11ed-b695-6c3be5272acd advisory. - Grafana is an open-source platform for monitoring and observability. Starting with the 7.0 branch,...
FreeBSD : Grafana -- Stored XSS in geomap panel plugin via attribution (e2a8e2bd-b808-11ed-b695-6c3be5272acd)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the e2a8e2bd-b808-11ed-b695-6c3be5272acd advisory. - Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch,...
GHSA-HJV9-HM2F-RPCJ Grafana vulnerable to Cross-site Scripting
Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible because map attributions weren't properly sanitized and allowed arbitrary JavaScript...
XSS In Geomap Via Attribution
Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible because map attributions weren't properly sanitized and allowed arbitrary JavaScript...
Drupal Multiple Vulnerabilities in Third-party Library (SA-CORE-2022-005) - Windows
Drupal is prone to multiple vulnerabilities in a third-party library. Copyright (C) 2022 Greenbone Networks GmbH. Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later. This program is free...