15 matches found
EUVD-2024-52885
Malicious code in bioql PyPI...
EUVD-2022-39101
Malicious code in bioql PyPI...
CVE-2024-55985
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ydesignservices YDS Support Ticket System yds-support-ticket-system allows SQL Injection.This issue affects YDS Support Ticket System: from n/a through = 1.0...
CVE-2024-55985
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ydesignservices YDS Support Ticket System yds-support-ticket-system allows SQL Injection.This issue affects YDS Support Ticket System: from n/a through = 1.0...
CVE-2024-55985 WordPress YDS Support Ticket System plugin <= 1.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ydesignservices YDS Support Ticket System yds-support-ticket-system allows SQL Injection.This issue affects YDS Support Ticket System: from n/a through = 1.0...
CVE-2024-55985
CVE-2024-55985 affects YDS Support Ticket System (YDS). The issue is an SQL Injection caused by improper neutralization of input in SQL commands, affecting YDS Support Ticket System versions up to 1.0. Patch status is Unpatched according to Wordfence/Red Hat ENISA feeds. Exploitation details are ...
CVE-2024-55985 WordPress YDS Support Ticket System plugin <= 1.0 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Ydesignservices YDS Support Ticket System yds-support-ticket-system allows SQL Injection.This issue affects YDS Support Ticket System: from n/a through = 1.0...
PT-2024-36638 · Ydesignservices · Yds Support Ticket System
Name of the Vulnerable Software and Affected Versions: ydesignservices YDS Support Ticket System versions n/a through 1.0 Description: The issue is related to an SQL Injection vulnerability, allowing attackers to execute malicious SQL commands. This is due to the improper neutralization of specia...
CVE-2022-36388
Cross-Site Request Forgery CSRF vulnerability in YDS Support Ticket System plugin = 1.0 at WordPress...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in YDS Support Ticket System plugin = 1.0 at WordPress...
CVE-2022-36388 WordPress YDS Support Ticket System plugin <= 1.0 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in YDS Support Ticket System plugin = 1.0 at WordPress...
CVE-2022-36388
CVE-2022-36388 : A CSRF vulnerability exists in the WordPress plugin “YDS Support Ticket System” up to version 1.0. The root cause is insufficient CSRF validation in the plugin, allowing an attacker to trick an authenticated user into performing unwanted actions. Reported CVSS v3.1 base metrics i...
PT-2022-23347 · Unknown · Yds Support Ticket System
Name of the Vulnerable Software and Affected Versions: YDS Support Ticket System plugin versions = 1.0 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This means an attacker could potentially trick a user into performing unintended actions on the web...
WordPress YDS Support Ticket System plugin <= 1.0 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability discovered by ptsfence Patchstack Alliance in WordPress YDS Support Ticket System plugin versions = 1.0. Solution No patched version is available. No reply from the vendor...
YDS Support Ticket System <= 1.0 - Cross-Site Request Forgery
The plugin does not have CSRF check in some places, which could allow attackers to make logged in users perform unwanted actions...