56 matches found
EUVD-2023-1950
Malicious code in bioql PyPI...
EUVD-2023-1990
Malicious code in bioql PyPI...
EUVD-2022-2689
Malicious code in bioql PyPI...
EUVD-2023-56805
Malicious code in bioql PyPI...
CVE-2023-52131
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Zinc Page Generator.This issue affects Page Generator: from n/a through 1.7.1...
GO-2023-1896 Zinc Cross-site Scripting vulnerability in github.com/zinclabs/zinc
Zinc Cross-site Scripting vulnerability in github.com/zinclabs/zinc...
GO-2023-1895 Zinc Cross-site Scripting vulnerability in github.com/zinclabs/zinc
Zinc Cross-site Scripting vulnerability in github.com/zinclabs/zinc...
CVE-2023-52131
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Zinc Page Generator.This issue affects Page Generator: from n/a through 1.7.1...
CVE-2023-52131
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Zinc Page Generator.This issue affects Page Generator: from n/a through 1.7.1...
Sql injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Zinc Page Generator.This issue affects Page Generator: from n/a through 1.7.1...
CVE-2023-52131 WordPress Page Generator Plugin <= 1.7.1 is vulnerable to SQL Injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Zinc Page Generator.This issue affects Page Generator: from n/a through 1.7.1...
CVE-2023-52131
CVE-2023-52131 is an authenticated SQL injection affecting the WordPress plugin Page Generator (WP Page Generator). The vulnerability is described as an authenticated (Administrator+) SQL injection in Page Generator versions up to 1.7.1. The issue is publicly tracked with a patch status of Patche...
PT-2023-31924 · WordPress · Wp Zinc Page Generator
Name of the Vulnerable Software and Affected Versions: WP Zinc Page Generator versions 1.7.1 and earlier Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in an SQL command. This allows for potential exploitation by injecti...
Indian Hack-for-Hire Group Targeted U.S., China, and More for Over 10 Years
An Indian hack-for-hire group targeted the U.S., China, Myanmar, Pakistan, Kuwait, and other countries as part of a wide-ranging espionage, surveillance, and disruptive operation for over a decade. Indian security firm under scrutiny, according to an in-depth analysis from SentinelOne, began as a...
Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor
Threat actors associated with the hacking crew known as Patchwork have been spotted targeting universities and research organizations in China as part of a recently observed campaign. The activity, according to KnownSec 404 Team, entailed the use of a backdoor codenamed EyeShell. Patchwork, also...
GHSA-4FGV-8448-GF82 Zinc Cross-site Scripting vulnerability
In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to Stored Cross-Site Scripting when using the delete user functionality. When an authenticated user deletes a user having a XSS payload in the user id field, the javascript payload will be executed and allow an attacker to access the user’s...
GHSA-7J6X-42MM-P7JM Zinc Cross-site Scripting vulnerability
In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to Stored Cross-Site Scripting when using the delete template functionality. When an authenticated user deletes a template with a XSS payload in the name field, the Javascript payload will be executed and allow an attacker to access the user’...
Zinc Cross-site Scripting vulnerability
In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to Stored Cross-Site Scripting when using the delete user functionality. When an authenticated user deletes a user having a XSS payload in the user id field, the javascript payload will be executed and allow an attacker to access the user’s...
Zinc Cross-site Scripting vulnerability
In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to Stored Cross-Site Scripting when using the delete template functionality. When an authenticated user deletes a template with a XSS payload in the name field, the Javascript payload will be executed and allow an attacker to access the user’...
SUSE CVE-2018-11804
Spark's Apache Maven-based build includes a convenience script, 'build/mvn', that downloads and runs a zinc server to speed up compilation. It has been included in release branches since 1.3.x, up to and including master. This server will accept connections from external hosts by default. A...