Lucene search
K

27 matches found

Patchstack
Patchstack
added 2022/10/25 12:0 a.m.21 views

WordPress Image Hover Effects Ultimate plugin <= 9.7.1 - Auth. WordPress Options Change vulnerability

Auth. WordPress Options Change vulnerability discovered by Vlad Vector Patchstack in the WordPress Image Hover Effects Ultimate plugin versions = 9.7.1. Solution Update the WordPress Image Hover Effects Ultimate plugin to the latest available version at least 9.7.2...

7.2CVSS3.2AI score0.00798EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/10/21 12:0 a.m.19 views

WordPress Quiz And Survey Master plugin <= 7.3.6 - Multiple Insecure direct object references (IDOR) vulnerabilities

Multiple Insecure direct object references IDOR vulnerabilities were discovered by Vlad Vector Patchstack in WordPress Quiz And Survey Master plugin versions = 7.3.6. Solution Update the WordPress Quiz And Survey Master plugin to the latest available version at least 7.3.7...

8.8CVSS3.1AI score0.00525EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/10/21 12:0 a.m.20 views

WordPress Quiz And Survey Master plugin <= 7.3.4 - Multiple Auth. Stored Cross-Site Scripting (XSS) vulnerabilities

Multiple Auth. Stored Cross-Site Scripting XSS vulnerabilities were discovered by Vlad Vector Patchstack in WordPress Quiz And Survey Master plugin versions = 7.3.4. Solution Update the WordPress Quiz And Survey Master plugin to the latest available version at least 7.3.5...

5.4CVSS2.7AI score0.00429EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/09/29 12:0 a.m.23 views

WordPress Accordions plugin <= 2.0.3 - Multiple Auth. Stored Cross-Site Scripting (XSS) vulnerabilities

Multiple Auth. Stored Cross-Site Scripting XSS vulnerabilities discovered by Vlad Vector Patchstack in WordPress Accordions plugin versions = 2.0.3. Solution Update the WordPress Accordions plugin to the latest available version at least 2.1.0...

4.8CVSS3.1AI score0.00404EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/08/09 12:0 a.m.34 views

WordPress WPide plugin <= 2.6 - Authenticated Arbitrary File Edit/Upload vulnerability

Authenticated Arbitrary File Edit/Upload vulnerability discovered by Vlad Vector Patchstack in WordPress WPide plugin versions = 2.6. Solution Update the WordPress WPIDE – File Manager & Code Editor plugin to the latest available version at least 3.0...

7.2CVSS3.3AI score0.00845EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2022/08/02 12:0 a.m.30 views

WordPress Download Manager plugin <= 3.2.48 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities

Multiple Authenticated Persistent Cross-Site Scripting XSS vulnerabilities were discovered by Vlad Vector Patchstack in the WordPress Download Manager plugin versions = 3.2.48. Solution Update the WordPress Download Manager plugin to the latest available version at least 3.2.49...

5.4CVSS3.1AI score0.00449EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2021/11/17 12:0 a.m.19 views

WordPress Backup Migration plugin <= 1.1.5 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability

Authenticated Persistent Cross-Site Scripting XSS vulnerability discovered by Vlad Visse Patchstack in WordPress Backup Migration plugin versions = 1.1.5. Solution Update the WordPress Backup Migration plugin to the latest available version at least 1.1.6...

5.4CVSS2.4AI score0.00552EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2021/07/18 12:0 a.m.18 views

WordPress iQ Block Country plugin <= 1.2.11 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability

Authenticated Persistent Cross-Site Scripting XSS vulnerability discovered by Vlad Visse Patchstack Red Team in WordPress iQ Block Country plugin versions = 1.2.11. Vulnerable parameter: &blockcountryblockmessage. Solution Update the WordPress iQ Block Country plugin to the latest available versi...

5.5CVSS2.3AI score0.01193EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2021/07/04 12:0 a.m.27 views

WordPress Popular Posts plugin <= 5.3.3 - Authenticated Persistent Cross-Site Scripting (XSS) vulnerability

Authenticated Persistent Cross-Site Scripting XSS vulnerability discovered by Vlad Visse Patchstack in WordPress Popular Posts plugin versions = 5.3.3. Solution Update the WordPress Popular Posts plugin to the latest available version at least 5.3.4...

5.5CVSS2.1AI score0.00566EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2021/04/13 12:0 a.m.5 views

Unspecified vulnerability in Vlad Tansky swiper

Vlad Tansky swiper is a Vlad Tansky open source application . Used in mobile websites , mobile Web applications and mobile native , hybrid applications . Vlad Tansky swiper 6.5.1 version of the previous security vulnerability , there is no detailed vulnerability details provided...

9.8CVSS6.7AI score0.022EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/04/12 12:0 a.m.3 views

Vlad Tansky swiper 安全漏洞

Vlad Tansky swiper is a Vlad Tansky open source application . Used in mobile websites , mobile Web applications and mobile native , hybrid applications . Vlad Tansky swiper 6.5.1 version of the previous security vulnerability , there is no detailed vulnerability details provided...

9.8CVSS5.5AI score0.022EPSS
Exploits1References8
Openbugbounty
Openbugbounty
added 2020/02/28 11:51 a.m.5 views

vlad-cvet-met.ru Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1106469 Security Researcher MrRain1996 Helped patch 952 vulnerabilities Received 4 Coordinated Disclosure badges Received 9 recommendations , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting vlad-cvet-met.ru website...

Exploits0
Patchstack
Patchstack
added 2020/02/15 12:0 a.m.12 views

WordPress Realia plugin <= 1.4 - Unauthenticated IDOR leading to Arbitrary Post Deletion vulnerability

Unauthenticated IDOR leading to Arbitrary Post Deletion vulnerability found by Vlad Vector, Erwan LR in WordPress Realia plugin versions = 1.4. Solution 2020-12-03 - no patched version available, only note from WordPress plugin repository "This plugin has been closed as of August 14, 2020 and is...

3.9AI score
Exploits0References2Affected Software1
0day.today
0day.today
added 2020/02/15 12:0 a.m.136 views

Windows Kernel - Information Disclosure Vulnerability

PoC for the SWAPGS attack CVE-2019-1125 This holds the sources for the SWAPGS attack PoC publicly shown at Black Hat USA, 2019. Contents leakgsbkva - variant 1 look for random values in kernel memory; limited to PE kernel image header leakgsbkvat - variant 2 extract random values from kernel...

5.6CVSS7.3AI score0.04521EPSS
Exploits4
exploitpack
exploitpack
added 2020/01/27 12:0 a.m.88 views

Windows Kernel - Information Disclosure

Windows Kernel - Information Disclosure PoC for the SWAPGS attack CVE-2019-1125 This holds the sources for the SWAPGS attack PoC publicly shown at Black Hat USA, 2019. Contents leakgsbkva - variant 1 look for random values in kernel memory; limited to PE kernel image header leakgsbkvat - variant ...

2.1CVSS7.2AI score0.04521EPSS
Exploits4
Exploit DB
Exploit DB
added 2020/01/27 12:0 a.m.141 views

Microsoft Windows Kernel - Information Disclosure

PoC for the SWAPGS attack CVE-2019-1125 This holds the sources for the SWAPGS attack PoC publicly shown at Black Hat USA, 2019. Contents leakgsbkva - variant 1 look for random values in kernel memory; limited to PE kernel image header leakgsbkvat - variant 2 extract random values from kernel...

5.6CVSS7.3AI score0.04521EPSS
Exploits4
OpenVAS
OpenVAS
added 2019/08/14 12:0 a.m.271 views

Ubuntu: Security Advisory (USN-4095-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.5AI score0.52199EPSS
Exploits30References4
Prion
Prion
added 2018/01/10 6:29 p.m.15 views

Code injection

lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to write to arbitrary files via a symlink attack on /tmp/my.cnf.targethost...

2.1CVSS6.9AI score0.00431EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2009/06/09 7:30 p.m.11 views

Improper access control

Vlad Titarenko ASP VT Auth 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file and obtain usernames and passwords via a direct request for zHk8dEes3.txt...

5CVSS6.9AI score0.02286EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2009/06/09 7:30 p.m.17 views

CVE-2009-2024

Vlad Titarenko ASP VT Auth 1.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database file and obtain usernames and passwords via a direct request for zHk8dEes3.txt...

5CVSS6.4AI score0.02286EPSS
Exploits0References2
Rows per page
Query Builder