362 matches found
PT-2023-22033 · Unknown · Veon Computer Service Tracking
Name of the Vulnerable Software and Affected Versions: Veon Computer Service Tracking Software versions prior to 2.0 Veon Computer Service Tracking Software versions through 20231122 Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special...
CVE-2023-31087
Cross-Site Request Forgery CSRF vulnerability in JoomSky JS Job Manager plugin = 2.0.0 versions...
CVE-2023-47223 WordPress Basic Interactive World Map Plugin <= 2.0 is vulnerable to Cross Site Scripting (XSS)
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in WP Map Plugins Basic Interactive World Map plugin = 2.0 versions...
QNAP Systems QUSBCam2 Operating System Command Injection Vulnerability
QNAP Systems QUSBCam2 is an application from QNAP Systems, Inc. allows the use of a USB webcam as a remotely manageable IP ONVIF camera for cheaper and easier deployment of surveillance systems in the home or small office. The QNAP Systems QUSBCam2 version 2.0.x vulnerability stems from the...
JTEKT ELECTRONICS OnSinView2 Buffer Error Vulnerability
JTEKT ELECTRONICS OnSinView2 is an application from JTEKT ELECTRONICS, Inc. A security vulnerability exists in JTEKT ELECTRONICS OnSinView2 version 2.0.1 and prior versions, which stems from an improperly restricted operation within a memory buffer. The vulnerability can be exploited by an attack...
PT-2023-25220 · Iq Wifi 6 · Iq Wifi 6
Name of the Vulnerable Software and Affected Versions: IQ Wifi 6 versions prior to 2.0.2 Description: An unauthorized user could gain account access by conducting a brute force authentication attack. Recommendations: For IQ Wifi 6 versions prior to 2.0.2, update to version 2.0.2 or later to resol...
PT-2023-26247 · Unknown · Chengdu Flash Flood Disaster Monitoring/Warning System
Name of the Vulnerable Software and Affected Versions: Chengdu Flash Flood Disaster Monitoring and Warning System version 2.0 Description: A vulnerability was found in the Chengdu Flash Flood Disaster Monitoring and Warning System. It affects some unknown functionality of the file...
PT-2023-25719 · Livelyworks · Livelyworks Articart
Name of the Vulnerable Software and Affected Versions: LivelyWorks Articart version 2.0.1 Description: A vulnerability has been found in LivelyWorks Articart, affecting an unknown functionality of the file "/items/search". The manipulation of the search term argument leads to cross-site scripting...
WordPress plugin WP Brutal AI SQL注入漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerability exists i...
WordPress plugin Wp Ultimate Review 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
POS Codekop 跨站脚本漏洞
POS Codekop is an application. A security vulnerability exists in POS Codekop version 2.0, which stems from the presence of a cross-site request forgery CSRF vulnerability. An attacker can exploit the vulnerability to elevate privileges...
PT-2023-11553 · Yzcms · Yzcms
Name of the Vulnerable Software and Affected Versions: yzCMS version 2.0 Description: A Cross Site Request Forgery issue allows a remote attacker to execute arbitrary code via the token check function. Recommendations: For yzCMS version 2.0, update to a version that fixes the token check function...
be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +300 more potentially affected by CVE-2023-34149 via org.apache.struts:struts2-core (>=2.0.5 <=2.5.30)
org.apache.struts:struts2-core MAVEN version =2.0.5, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =1.2, =1.0, =1.0, =1.0, =1.0.4 and more Source cves: CVE-2023-34149 Source advisory: OSV:GHSA-8F6X-V685-G2XC...
Urbandroid Sleep 安全漏洞
Urbandroid Sleep is an app from Urbandroid Inc. which is used to track the sleep of customers. A security vulnerability exists in Urbandroid Sleep version v.20230303 that originates from an unauthorized application causing a persistent denial of service by manipulating the SharedPreference file...
CVE-2019-25149
The Gallery Images Ape plugin for WordPress is vulnerable to Arbitrary Plugin Deactivation in versions up to, and including, 2.0.6. This allows authenticated attackers with any capability level to deactivate any plugin on the site, including plugins necessary to site functionality or security...
Jenkins Plugin SAML Single Sign On(SSO) 安全漏洞
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is a software application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Plugin is a software application. A security vulnerability...
CVE-2023-29106
A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 All versions = V2.0 = V2.0 V2.1. The export endpoint is accessible via REST API without authentication. This could allow an unauthenticated remote attacker to download the files available via the endpoint...
PT-2023-9951 · WordPress · Kau-Boy Backend Localization Plugin
Name of the Vulnerable Software and Affected Versions: Kau-Boy Backend Localization Plugin version 2.0 Description: A problematic vulnerability has been found in the Kau-Boy Backend Localization Plugin on WordPress, affecting the function backend localization admin settings/backend localization...
CVE-2023-25041
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Cththemes Monolit theme = 2.0.6 versions...
Generex UPS CS141 代码问题漏洞
The Generex UPS CS141 is a microcomputer from the German company Generex. A security vulnerability exists in the Generex UPS CS141 prior to version 2.06, which stems from a vulnerability that allows an attacker to upload a firmware file containing a webshell...