Command injection vulnerability in CWP v0.9.8.1126 that allows normal users to run commands as the root user.Read More ...
Continue ReadingJuly 07, 2022
API security news
Well-known information security vulnerabilities database
Command injection vulnerability in CWP v0.9.8.1126 that allows normal users to run commands as the root user.Read More ...
Continue ReadingJuly 07, 2022
The password reset token in CWP v0.9.8.1126 is generated using known or predictable values.Read More ...
Continue ReadingJuly 07, 2022
A path traversal vulnerability in loader.php of CWP v0.9.8.1122 allows attackers to execute arbitrary code via a crafted POST request.Read More ...
Continue ReadingJuly 07, 2022
Incorrect permission management in Devolutions Server before 2022.2 allows a new user with a preexisting username to inherit the permissions of that previous user.Read More ...
Continue ReadingJuly 07, 2022
In nextgen-galery wordpress plugin before 2.0.77.3 there are two vulnerabilities which can allow an attacker to gain full access over the web application. The vulnerabilities lie in how the applicatio ...
Continue ReadingJuly 07, 2022
A memory corruption in Hex Rays Ida Pro v6.6 allows attackers to cause a Denial of Service (DoS) via a crafted file. Related to Data from Faulting Address controls subsequent Write Address starting at ...
Continue ReadingJuly 07, 2022
In Openshift Origin 3 the cookies being set in console have no 'secure', 'HttpOnly' attributes.Read More ...
Continue ReadingJuly 07, 2022
In nextgen-galery wordpress plugin before 2.0.77.3 there are two vulnerabilities which can allow an attacker to gain full access over the web application. The vulnerabilities lie in how the applicatio ...
Continue ReadingJuly 07, 2022