‼ CVE-2022-4120 ‼
📖 Read
via "National Vulnerability Database".
The Stop Spammers Security | Block Spam Users, Comments, Forms WordPress plugin before 2022.6 passes base64 encoded user input to the unserialize() PHP function when CAPTCHA are used as second challenge, which could lead to PHP Object injection if a plugin installed on the blog has a suitable gadget chain📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4243 ‼
📖 Read
via "National Vulnerability Database".
The ImageInject WordPress plugin through TODO does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4164 ‼
📖 Read
via "National Vulnerability Database".
The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cg_multiple_files_for_post POST parameter before concatenating it to an SQL query in 0_change-gallery.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4227 ‼
📖 Read
via "National Vulnerability Database".
The Booster for WooCommerce WordPress plugin before 5.6.3, Booster Plus for WooCommerce WordPress plugin before 6.0.0, Booster Elite for WooCommerce WordPress plugin before 6.0.0 do not escape some URLs and parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting📖 Read
via "National Vulnerability Database".
‼ CVE-2021-24942 ‼
📖 Read
via "National Vulnerability Database".
The Menu Item Visibility Control WordPress plugin through 0.5 doesn't sanitize and validate the "Visibility logic" option for WordPress menu items, which could allow highly privileged users to execute arbitrary PHP code even in a hardened environment.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4166 ‼
📖 Read
via "National Vulnerability Database".
The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the addCountS POST parameter before concatenating it to an SQL query in 4_activate.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4155 ‼
📖 Read
via "National Vulnerability Database".
The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the wp_user_id GET parameter before concatenating it to an SQL query in management-show-user.php. This may allow malicious users with administrator privileges (i.e. on multisite WordPress configurations) to leak sensitive information from the site's database.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4151 ‼
📖 Read
via "National Vulnerability Database".
The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the option_id GET parameter before concatenating it to an SQL query in export-images-data.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4162 ‼
📖 Read
via "National Vulnerability Database".
The Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the cg_row POST parameter before concatenating it to an SQL query in 3_row-order.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4239 ‼
📖 Read
via "National Vulnerability Database".
The Workreap WordPress theme before 2.6.4 does not verify that an addon service belongs to the user issuing the request, or indeed that it is an addon service, when processing the workreap_addons_service_remove action, allowing any user to delete any post by knowing or guessing the id.📖 Read
via "National Vulnerability Database".
👍1
‼ CVE-2019-9011 ‼
📖 Read
via "National Vulnerability Database".
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), an attacker can identify valid usernames.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-12069 ‼
📖 Read
via "National Vulnerability Database".
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), the password-hashing feature requires insufficient computational effort.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-11101 ‼
📖 Read
via "National Vulnerability Database".
Sierra Wireless AirLink Mobility Manager (AMM) before 2.17 mishandles sessions and thus an unauthenticated attacker can obtain a login session with administrator privileges.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-4281 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in Brave UX for-the-badge and classified as critical. Affected by this issue is some unknown functionality of the file .github/workflows/combine-prs.yml. The manipulation leads to os command injection. The name of the patch is 55b5a234c0fab935df5fb08365bc8fe9c37cf46b. It is recommended to apply a patch to fix this issue. VDB-216842 is the identifier assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-10650 ‼
📖 Read
via "National Vulnerability Database".
A deserialization flaw was discovered in jackson-databind through 2.9.10.4. It could allow an unauthenticated user to perform code execution via ignite-jta or quartz-core: org.apache.ignite.cache.jta.jndi.CacheJndiTmLookup, org.apache.ignite.cache.jta.jndi.CacheJndiTmFactory, and org.quartz.utils.JNDIConnectionProvider.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-12067 ‼
📖 Read
via "National Vulnerability Database".
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), a user's password may be changed by an attacker without knowledge of the current password.📖 Read
via "National Vulnerability Database".
‼ CVE-2019-9579 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Illumos in Nexenta NexentaStor 4.0.5 and 5.1.2, and other products. The SMB server allows an attacker to have unintended access, e.g., an attacker with WRITE_XATTR can change permissions. This occurs because of a combination of three factors: ZFS extended attributes are used to implement NT named streams, the SMB protocol requires implementations to have open handle semantics similar to those of NTFS, and the SMB server passes along certain attribute requests to the underlying object (i.e., they are not considered to be requests that pertain to the named stream).📖 Read
via "National Vulnerability Database".
‼ CVE-2019-19030 ‼
📖 Read
via "National Vulnerability Database".
Cloud Native Computing Foundation Harbor before 1.10.3 and 2.x before 2.0.1 allows resource enumeration because unauthenticated API calls reveal (via the HTTP status code) whether a resource exists.📖 Read
via "National Vulnerability Database".
‼ CVE-2019-14802 ‼
📖 Read
via "National Vulnerability Database".
HashiCorp Nomad 0.5.0 through 0.9.4 (fixed in 0.9.5) reveals unintended environment variables to the rendering task during template rendering, aka GHSA-6hv3-7c34-4hx8. This applies to nomad/client/allocrunner/taskrunner/template.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-28191 ‼
📖 Read
via "National Vulnerability Database".
The console in Togglz before 2.9.4 allows CSRF.📖 Read
via "National Vulnerability Database".
‼ CVE-2019-18177 ‼
📖 Read
via "National Vulnerability Database".
In certain Citrix products, information disclosure can be achieved by an authenticated VPN user when there is a configured SSL VPN endpoint. This affects Citrix ADC and Citrix Gateway 13.0-58.30 and later releases before the CTX276688 update.📖 Read
via "National Vulnerability Database".