15 matches found
EUVD-2018-8528
Malware in sbrugna...
EUVD-2007-2662
Malware in sbrugna...
EUVD-2022-2984
Malicious code in bioql PyPI...
EUVD-2025-7395
Malicious code in bioql PyPI...
WordPress WC Pickup Store plugin <= 1.8.9 - Settings Change Vulnerability
Settings Change Vulnerability discovered by Mika in WordPress Plugin WC Pickup Store versions <= 1.8.9...
CVE-2020-0115
In verifyIntentFiltersIfNeeded of PackageManagerService.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for...
CVE-2025-2247
The WP-PManager WordPress plugin through 1.2 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
CVE-2023-7229
The illi Link Party! WordPress plugin through 1.0 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack...
PT-2025-15677 · Unknown · Ac-Wps-11Ac Series
Name of the Vulnerable Software and Affected Versions: AC-WPS-11ac series (affected versions not specified). Description: A remote attacker who can log in to the product may alter the settings without appropriate privileges due to an incorrect privilege assignment vulnerability in the WEB UI setting...
CVE-2025-30912 WordPress Float menu plugin <= 6.1.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Float menu float-menu allows Cross Site Request Forgery. This issue affects Float menu: from n/a through <= 6.1.2...
WordPress FunnelKit Checkout Plugin <= 3.10.3 is vulnerable to Settings Change
Software: FunnelKit Checkout; Type: Plugin; Vulnerable versions: <= 3.10.3; Fixed in: 3.11.0; OWASP Top 10: A1: Broken Access Control; Classification: Settings Change; CVE: CVE-2023-51671; Patch priority: Low; CVSS severity: Low 5.4; PSID: f63332e6c6a9; Credits: Dave Jong Patchstack; Required...
CVE-2022-40132
Cross-Site Request Forgery (CSRF) vulnerability in Seriously Simple Podcasting plugin <= 2.16.0 at WordPress, leading to plugin settings change...
CVE-2020-27871
This vulnerability allows remote attackers to create arbitrary files on affected installations of SolarWinds Orion Platform 2020.2.1. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within...
Solarwinds SolarWinds Orion Platform Path Traversal Vulnerability
SolarWinds Orion Platform is a network fault and network performance management platform from SolarWinds, Inc. The platform provides real-time monitoring and analysis of network devices and supports a customizable web interface, multiple user opinions, and a mapped view of the entire network. A...
[SECURITY] [DSA 605-1] New viewcvs packages fix information leak
Debian Security Advisory DSA 605-1 [email protected] http://www.debian.org/security/ Martin Schulze December 6th, 2004 http://www.debian.org/security/faq -...