PT-2026-34649

The ExactMetrics – Google Analytics Dashboard for WordPress Website Stats Plugin plugin for WordPress is vulnerable to unauthorized arbitrary plugin installation and activation in all versions up to, and including, 9.1.2. This is due to the reports page exposing the 'onboarding key' transient to...

CVE-2021-41021

A privilege escalation vulnerability in FortiNAC versions 8.8.8 and below and 9.1.2 and below may allow an admin user to escalate the privileges to root via the sudo command...

PT-2026-1878

Name of the Vulnerable Software and Affected Versions TIM BPM Suite/TIM FLOW versions through 9.1.2 Description The software contains multiple authorization bypass issues. A user with low privileges can download password hashes belonging to other users, access work items owned by other users,...

WordPress Plugin WP Recipe Maker Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2022-28129

Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server allows an attacker to send invalid headers. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...

DEBIAN-CVE-2022-31780

Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...

DEBIAN-CVE-2022-31779

Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2...

PT-2022-17498 · Apache · Apache Traffic Server

Name of the Vulnerable Software and Affected Versions: Apache Traffic Server versions 8.0.0 through 9.1.2 Description: The issue is related to an Improper Input Validation vulnerability in the HTTP/2 request validation of Apache Traffic Server. This allows an attacker to create smuggle or cache...

UBUNTU-CVE-2021-45101

An issue was discovered in HTCondor before 8.8.15, 9.0.x before 9.0.4, and 9.1.x before 9.1.2. Using standard command-line tools, a user with only READ access to an HTCondor SchedD or Collector daemon can discover secrets that could allow them to control other users' jobs and/or read their data...

CVE-2021-41021

A privilege escalation vulnerability in FortiNAC versions 8.8.8 and below and 9.1.2 and below may allow an admin user to escalate the privileges to root via the sudo command...

CVE-2018-1921

IBM Campaign 9.1.0, 9.1.2, 10.1, and 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152857...

PT-2019-17052 · Ibm · Ibm Campaign

Name of the Vulnerable Software and Affected Versions: IBM Campaign versions 9.1.2 through 10.1 Description: The issue allows a remote attacker to traverse directories on the system by sending a specially-crafted URL request containing dot dot sequences ../ to view arbitrary files on the system...

IBM Campaign Cross-Site Scripting Vulnerability (CNVD-2018-18596)

IBM Campaign formerly known as Unica Campaign is a management solution from IBM in the United States used to help marketers design, execute, measure, and optimize marketing advertising. A cross-site scripting vulnerability exists in IBM Campaign versions 9.1, 9.1.2, and 10, which can be exploited...

IBM BigFix Remote Control Cross-Site Scripting Vulnerability

IBM BigFix Remote Control is a set of remote control systems from IBM in the United States. A cross-site scripting vulnerability exists in IBM BigFix Remote Control 9.1.2 and earlier versions. A remote attacker can exploit this vulnerability to inject arbitrary Web script or HTML...

Cross-Site Scripting Vulnerability in Multiple Apple Products

Apple iOS, Safari, and tvOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices. safari is a web browser that is the default browser that comes with Mac OS X and iOS operating systems. tvOS is an operating system for smart TVs. webKit Page Loading is a WebKit...