25 matches found
MiracleLinux 4 : xmlrpc3-3.0-4.17.AXS4 (AXSA:2018-3129:01)
The remote MiracleLinux 4 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3129:01 advisory. xmlrpc: Deserialization of untrusted Java object through tag (CVE-2016-5003). Tenable has extracted the preceding description block directly from the MiracleLin...
CVE-2025-9703
The Ultimate Addons for Elementor (Formerly Elementor Header & Footer Builder) WordPress plugin before 2.5.0 does not sanitize SVG file contents when uploaded through the xmlrpc.php endpoint using base64 encode, leading to a Cross-Site Scripting vulnerability...
EUVD-2014-2957
Malware in sbrugna...
EUVD-2021-23720
Malware in sbrugna...
WordPress XMLRPC 3.9.2 Denial of Service
WordPress version 3.9.2 XMLRPC proof of concept denial of service exploit that leverages a vulnerability from 2014 and was originally discovered by Nir Goldshlager...
CVE-2022-44641
In Linaro Automated Validation Architecture LAVA before 2022.11, users with valid credentials can submit crafted XMLRPC requests that cause a recursive XML entity expansion, leading to excessive use of memory on the server and a Denial of Service...
U.S. Dept Of Defense: Application level DoS via xmlrpc.php
Vulnerability description: WordPress sites that have xmlrpc.php enabled for pingbacks, trackbacks, etc. can be made part of a huge botnet causing a major DDoS. The website https://████/ has the xmlrpc.php file enabled and could thus be potentially used for such an attack against other victim hosts...
php: Out-of-bounds read in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c
An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c...
EulerOS 2.0 SP5 : php (EulerOS-SA-2019-1146)
According to the versions of the php packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an...
payexchanger.com Improper Access Control vulnerability
Open Bug Bounty ID: OBB-677582

Description| Value
---|---
Affected Website:| payexchanger.com
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| IAC Improper Access Control / CWE-284
CVSSv3 Score:| 6.5...

gdc.wa.gov.au Improper Access Control vulnerability
Open Bug Bounty ID: OBB-676017

Description| Value
---|---
Affected Website:| gdc.wa.gov.au
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| IAC Improper Access Control / CWE-284
CVSSv3 Score:| 6.5...

firb.gov.au Improper Access Control vulnerability
Open Bug Bounty ID: OBB-676014

Description| Value
---|---
Affected Website:| firb.gov.au
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| IAC Improper Access Control / CWE-284
CVSSv3 Score:| 6.5...

covdegreeshow.coventry.ac.uk Improper Access Control vulnerability
Open Bug Bounty ID: OBB-675974

Description| Value
---|---
Affected Website:| covdegreeshow.coventry.ac.uk
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| IAC Improper Access Control / CWE-284
CVSSv3 Score:| 6....

farnhamroyal-pc.gov.uk Improper Access Control vulnerability
Open Bug Bounty ID: OBB-675895

Description| Value
---|---
Affected Website:| farnhamroyal-pc.gov.uk
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| IAC Improper Access Control / CWE-284
CVSSv3 Score:| 6.5...

tintagelparishcouncil.gov.uk Improper Access Control vulnerability
Open Bug Bounty ID: OBB-675873

Description| Value
---|---
Affected Website:| tintagelparishcouncil.gov.uk
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| IAC Improper Access Control / CWE-284
CVSSv3 Score:| 6....

bles.com Improper Access Control vulnerability
Open Bug Bounty ID: OBB-628542

Description| Value
---|---
Affected Website:| bles.com
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Wordpress
Vulnerability Type:| IAC Improper Access Control / CWE-284
CVSSv3 Score:| 6.5...

dailytelegraph.com.au Improper Access Control vulnerability
Open Bug Bounty ID: OBB-627660

Description| Value
---|---
Affected Website:| dailytelegraph.com.au
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Wordpress
Vulnerability Type:| IAC Improper Access Control / CWE-284
CVSSv3 Score:| 6.5...

99u.adobe.com Improper Access Control vulnerability
Open Bug Bounty ID: OBB-627098

Description| Value
---|---
Affected Website:| 99u.adobe.com
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| IAC Improper Access Control / CWE-284
CVSSv3 Score:| 6.5...

olympic.ca Improper Access Control vulnerability
Open Bug Bounty ID: OBB-627074

Description| Value
---|---
Affected Website:| olympic.ca
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Wordpress
Vulnerability Type:| IAC Improper Access Control / CWE-284
CVSSv3 Score:| 6.5...

obama.org Improper Access Control vulnerability
Open Bug Bounty ID: OBB-627073

Description| Value
---|---
Affected Website:| obama.org
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Wordpress
Vulnerability Type:| IAC Improper Access Control / CWE-284
CVSSv3 Score:| 6.5...