107 matches found
PT-2024-25536 · Keepassxc · Keepassxc
Name of the Vulnerable Software and Affected Versions: KeePassXC version 2.7.7 Description: The issue allows an attacker with victim privileges to recover cleartext credentials via a memory dump. It is noted that the vendor disputes this, citing memory-management constraints that make this...
WordPress plugin JS Help Desk 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...
BIT-DISCOURSE-2021-32788 Post creator of a whisper post can be revealed to non-staff users in Discourse
Discourse is an open source discussion platform. In versions prior to 2.7.7 there are two bugs which led to the post creator of a whisper post being revealed to non-staff users. 1: Staff users that creates a whisper post in a personal message is revealed to non-staff participants of the personal...
CVE-2023-36682
Cross-Site Request Forgery CSRF vulnerability in Brainstorm Force US LLC Schema Pro allows Cross Site Request Forgery.This issue affects Schema Pro: from n/a through 2.7.7...
VulnCheck KEV: CVE-2022-41840
Unauth. Directory Traversal vulnerability in Welcart eCommerce plugin = 2.7.7 on WordPress...
WordPress JS Help Desk – Best Help Desk & Support Plugin Plugin <= 2.7.7 is vulnerable to Insecure Direct Object References (IDOR)
Software JS Help Desk – Best Help Desk & Support Plugin Type Plugin Vulnerable versions = 2.7.7 Fixed in 2.7.8 OWASP Top 10 A5: Broken Access Control Classification Insecure Direct Object References IDOR CVE CVE-2023-23679 Patch priority Low CVSS severity Low 4.6 Developer Claim ownership PSID...
WordPress BuddyForms Plugin <= 2.7.7 is vulnerable to PHP Object Injection
Software BuddyForms Type Plugin Vulnerable versions = 2.7.7 Fixed in 2.7.8 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE N/A Patch priority High CVSS severity High 5.4 Developer Claim ownership PSID 2e9e362a10ab Credits WordFence Required privilege Subscriber Published 21...
CVE-2022-41840
Unauth. Directory Traversal vulnerability in Welcart eCommerce plugin = 2.7.7 on WordPress...
PT-2022-7189 · WordPress · Welcart Ecommerce Plugin
Name of the Vulnerable Software and Affected Versions: Welcart eCommerce plugin versions = 2.7.7 Description: The issue is related to incorrect restriction of a directory path with limited access in the Welcart eCommerce plugin for WordPress. This can allow a remote attacker to execute arbitrary...
GHSA-J5JH-HPR4-H332 Symfony Session Fixation Vulnerability
A session fixation vulnerability within the "Remember Me" login feature allows an attacker to impersonate the victim towards the web application if the session id value was previously known to the attacker. This issue has been fixed in Symfony 2.3.35, 2.6.12, and 2.7.7. Note that no fixes are...
Python 'socket.recvfrom_into' Buffer Overflow Vulnerability (Mar 2014) - Linux
Python is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription...
PT-2021-23084 · Discourse · Discourse
Name of the Vulnerable Software and Affected Versions: Discourse versions 2.7.7 and earlier Discourse versions 2.8.0.beta6 and earlier Description: Discourse is an open source discussion platform. There is a cross-site scripting XSS vulnerability in the platform. Rendering of some error messages...
Discourse has unspecified vulnerabilities
Discourse is an open source community discussion platform. The platform includes features such as community, email and chat rooms. A security vulnerability exists in versions of Discourse prior to 2.7.7, which can be exploited by an attacker to cause the post creator of a whispered post to be...
Design/Logic Flaw
Discourse is an open source discussion platform. In versions prior to 2.7.7 there are two bugs which led to the post creator of a whisper post being revealed to non-staff users. 1: Staff users that creates a whisper post in a personal message is revealed to non-staff participants of the personal...
CVE-2021-32788 Post creator of a whisper post can be revealed to non-staff users in Discourse
Discourse is an open source discussion platform. In versions prior to 2.7.7 there are two bugs which led to the post creator of a whisper post being revealed to non-staff users. 1: Staff users that creates a whisper post in a personal message is revealed to non-staff participants of the personal...
Mechanize: Command injection
Background Mechanize is a Ruby library used for automating interaction with websites. Description Mechanize does not neutralize filename input and could allow arbitrary code execution if an attacker can control filenames used by Mechanize. Impact Please review the referenced CVE identifiers for...
CVE-2021-21289
Mechanize is an open-source ruby library that makes automated web interaction easy. In Mechanize from version 2.0.0 and before version 2.7.7 there is a command injection vulnerability. Affected versions of mechanize allow for OS commands to be injected using several classes' methods which...
UBUNTU-CVE-2021-21289
Mechanize is an open-source ruby library that makes automated web interaction easy. In Mechanize from version 2.0.0 and before version 2.7.7 there is a command injection vulnerability. Affected versions of mechanize allow for OS commands to be injected using several classes' methods which...
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection. Affected versions of mechanize allow for OS commands to be injected using several classes' methods which implicitly use Ruby's Kernel.open method. Exploitation is possible only if untrusted input is used as a local...
Autoptimize < 2.7.7 - Authenticated Arbitrary File Upload
The aoccssimport AJAX call does not ensure that the file provided is a legitimate Zip file, allowing high privilege users to upload arbitrary files, such as PHP, leading to RCE. https://drive.google.com/file/d/1siZsDiJsYRCw58Ksram5zBJOVbs-Hio1/view?usp=sharing POST /wp-admin/admin-ajax.php HTTP/1...