7 matches found
WordPress Fast User Switching plugin <= 1.4.10 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by Nabil Irawan in WordPress Plugin Fast User Switching versions <= 1.4.10...
PT-2025-53271
Name of the Vulnerable Software and Affected Versions: Tikweb Management Fast User Switching versions through 1.4.10 Description: A Cross-Site Request Forgery (CSRF) issue exists in the Fast User Switching functionality. This allows attackers to perform actions on behalf of authenticated users withou...
EUVD-2024-28414
Malicious code in bioql PyPI...
PT-2024-23420 · Alibaba · Oss Aliyun
Name of the Vulnerable Software and Affected Versions: OSS Aliyun versions 1.4.10 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation by injecting maliciou...
CVE-2022-21404
Vulnerability in the Helidon product of Oracle Fusion Middleware component: Reactive WebServer. Supported versions that are affected are 1.4.10 and 2.0.0-RC1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Helidon. Successful attacks ...
PT-2022-18836 · Jenkins · Jenkins Rocketchat Notifier Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins RocketChat Notifier Plugin versions 1.4.10 and earlier Description: A cross-site request forgery (CSRF) vulnerability allows attackers to connect to an attacker-specified URL using attacker-specified credentials. This issue arises becau...
PT-2020-6223 · Pear +6 · Archive Tar +6
Name of the Vulnerable Software and Affected Versions: Archive Tar versions 1.4.10 and earlier Description: The issue is related to the deserialization of untrusted data in the Archive Tar class of the PEAR PHP library. It allows a remote attacker to overwrite protected files using a specially...