90 matches found
CVE-2020-37056 Crystal Shard http-protection 0.2.0 - IP Spoofing Bypass
Crystal Shard http-protection 0.2.0 contains an IP spoofing vulnerability that allows attackers to bypass protection middleware by manipulating request headers. Attackers can hardcode consistent IP values across X-Forwarded-For, X-Client-IP, and X-Real-IP headers to circumvent security checks and...
EUVD-2019-6624
Malware in sbrugna...
EUVD-2019-6627
Malware in sbrugna...
EUVD-2019-6625
Malware in sbrugna...
CVE-2025-60127
Missing Authorization vulnerability in ArtistScope CopySafe Web Protection wp-copysafe-web allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CopySafe Web Protection: from n/a through = 5.1...
PT-2025-39574
Name of the Vulnerable Software and Affected Versions ArtistScope CopySafe Web Protection versions through 4.3 Description An authorization issue exists in ArtistScope CopySafe Web Protection due to incorrectly configured access control security levels. This allows for exploitation of the system...
CVE-2019-15688
Kaspersky Anti-Virus, Kaspersky Internet Security, Kaspersky Total Security, Kaspersky Free Anti-Virus, Kaspersky Small Office Security, Kaspersky Security Cloud up to 2020, the web protection component did not adequately inform the user about the threat of redirecting to an untrusted site. Bypas...
CVE-2024-38781
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ArtistScope CopySafe Web Protection allows Reflected XSS.This issue affects CopySafe Web Protection: from n/a through 3.15...
CVE-2024-38781
CVE-2024-38781 relates to ArtistScope CopySafe Web Protection (WordPress plugin) and is a Reflected Cross-Site Scripting (XSS) vulnerability in versions <= 3.15. Public vulnerability details indicate that input is improperly neutralized during web page generation, enabling reflected XSS. Multi...
CVE-2024-37514 WordPress CopySafe Web Protection plugin <= 3.14 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in ArtistScope CopySafe Web Protection allows Stored XSS.This issue affects CopySafe Web Protection: from n/a through 3.14...
CVE-2024-37514
CVE-2024-37514 is a Stored XSS vulnerability in ArtistScope CopySafe Web Protection (WordPress plugin) caused by improper input neutralization during web page generation. The issue affects CopySafe Web Protection versions up to 3.14. A remediation patch is available (the vulnerability entry is ma...
PT-2024-27619 · Artistscope · Artistscope Copysafe Web Protection
Name of the Vulnerable Software and Affected Versions: ArtistScope CopySafe Web Protection versions 3.14 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS attacks...
Webinar recap: 6 critical cyberthreats in 2024 and how to counter them
Our webinar on the 2024 State of Malware report is now available on-demand. Featuring cybersecurity experts Mark Stockley and Jérôme Segura, this webinar unpacks 2024’s most critical cyberthreats, including big game ransomware, malvertising, and emerging challenges to mobile and Mac security. Key...
Atomic Stealer distributed to Mac users via fake browser updates
Atomic Stealer, also known as AMOS, is a popular stealer for Mac OS. Back in September, we described how malicious ads were tricking victims into downloading this piece of malware under the disguise of a popular application. In an interesting new development, AMOS is now being delivered to Mac...
Credit card skimming on the rise for the holiday shopping season
As we head into shopping season, customers arent the only ones getting excited. More online shopping means more opportunities for cybercriminals to grab their share using scams and data theft. One particular threat were following closely and expect to increase over the next several weeks is credi...
Malvertising: A stealthy precursor to infostealers and ransomware attacks
This article is based on research by Jerome Segura, Senior Director of Threat Intelligence at Malwarebytes, who oversees data collection from spam feeds and telemetry to identify the most relevant threats. Malvertising, the practice of using online ads to spread malware, can have dire...
CVE-2023-29098
Unauth. Reflected Cross-Site Scripting XSS vulnerability in ArtistScope CopySafe Web Protection plugin = 3.13 versions...
CVE-2023-29098
Unauth. Reflected Cross-Site Scripting XSS vulnerability in ArtistScope CopySafe Web Protection plugin = 3.13 versions...
CVE-2023-29098
CVE-2023-29098 affects WordPress CopySafe Web Protection plugin up to version 3.13. Unauthenticated XSS vulnerability exposed on affected sites; remediation is upgrade to version 3.14 or later. Red Hat and NVD entries corroborate the issue; PatchStack lists the fix and notes cve details. If explo...
PT-2023-22146 · Artistscope · Artistscope Copysafe Web Protection
Name of the Vulnerable Software and Affected Versions: ArtistScope CopySafe Web Protection plugin versions = 3.13 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. This means that an attacker can inject malicious scripts into a website, potentially...