5 matches found
CVE-2025-9618
The Related Posts Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.12. This is due to missing or incorrect nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to modify plugin...
SUSE CVE-2016-4081
epan/dissectors/packet-iax2.c in the IAX2 dissector in Wireshark 1.12.x before 1.12.11 and 2.0.x before 2.0.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service infinite loop via a crafted packet...
Backdrop CMS Cross-Site Scripting Vulnerability
Backdrop CMS is an open source content management system CMS. A cross-site scripting vulnerability exists in Backdrop CMS versions 1.12.x before 1.12.8 and 1.13.x before 1.13.3. The vulnerability stems from a lack of proper validation of client-side data in the web application. An attacker can...
PT-2019-13823 · Backdrop · Backdrop Cms
Name of the Vulnerable Software and Affected Versions: Backdrop CMS versions 1.12.x through 1.12.7 Backdrop CMS versions 1.13.x through 1.13.2 Description: The issue allows the upload of entire-site configuration archives through the user interface or command line, without sufficiently checking...
Wireshark GSM CBCH Parser Denial of Service Vulnerability
Wireshark formerly known as Ethereal is a suite of network packet analysis software developed by the Wireshark team. A security vulnerability in the epan/dissectors/packet-gsmcbch.c file in the GSM CBCH parser in Wireshark versions 1.12.11 prior to 1.12.x and 2.0.3 prior to 2.0.x can be exploited...