Lucene search
K

8 matches found

The Hacker News
The Hacker News
added 2024/07/17 5:25 a.m.58 views

Critical Apache HugeGraph Vulnerability Under Attack - Patch ASAP

Threat actors are actively exploiting a recently disclosed critical security flaw impacting Apache HugeGraph-Server that could lead to remote code execution attacks. Tracked as CVE-2024-27348 CVSS score: 9.8, the vulnerability impacts all versions of the software before 1.3.0. It has been describ...

8AI score0.9921EPSS
Exploits11
GithubExploit
GithubExploit
added 2024/06/12 8:14 a.m.295 views

Exploit for Improper Access Control in Apache Hugegraph

Remote Code Execution vulnerability in Apache HugeGraph Server...

9.8CVSS10AI score0.9921EPSS
Exploits11
Hacker One
Hacker One
added 2019/09/12 3:55 p.m.27 views

Node.js third-party modules: [expressjs-ip-control] Whitelist IP bypass leads to authorization bypass and sensitive info disclosure

I would like to report a unauthenticated access/authorization bypass issue in the expressjs-ip-control module. It allows to bypass the whitelist IP check in order to bypass the authorization check and possibly expose sensitive datas. Module module name: MODULE NAME version: MODULE VERSION npm pag...

0.3AI score
Exploits0
Patchstack
Patchstack
added 2017/08/08 12:0 a.m.20 views

WordPress Loginizer plugin <=1.3.5 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability found by Jonas Lejon WPScans in WordPress Loginizer plugin version 1.3.5 and earlier versions. The vulnerability exists in the init.php file of the "Blacklist and Whitelist IP Wizard." Solution Update the WordPress Loginizer plugin to the latest...

8.8CVSS2.4AI score0.00714EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2017/08/07 5:29 p.m.2 views

CVE-2017-12651

Cross Site Request Forgery CSRF exists in the Blacklist and Whitelist IP Wizard in init.php in the Loginizer plugin before 1.3.6 for WordPress because the HTTP Referer header is not checked...

8.8CVSS5.8AI score
Exploits0References3
NVD
NVD
added 2017/08/07 5:29 p.m.26 views

CVE-2017-12651

Cross Site Request Forgery CSRF exists in the Blacklist and Whitelist IP Wizard in init.php in the Loginizer plugin before 1.3.6 for WordPress because the HTTP Referer header is not checked...

8.8CVSS8.9AI score0.00714EPSS
Exploits1References3
Prion
Prion
added 2017/08/07 5:29 p.m.14 views

Cross site request forgery (csrf)

Cross Site Request Forgery CSRF exists in the Blacklist and Whitelist IP Wizard in init.php in the Loginizer plugin before 1.3.6 for WordPress because the HTTP Referer header is not checked...

6.8CVSS8.8AI score0.00714EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2017/08/07 5:0 p.m.29 views

CVE-2017-12651

Cross Site Request Forgery CSRF exists in the Blacklist and Whitelist IP Wizard in init.php in the Loginizer plugin before 1.3.6 for WordPress because the HTTP Referer header is not checked...

9.3AI score0.00714EPSS
Exploits1References3
Rows per page
Query Builder