The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several functions in versions up to, and including, 1.2.5. This makes it possible for ...
Continue ReadingJanuary 28, 2023
An info leak issue was identified in all versions of GitLab EE from 13.7 prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 which exposes user email id through webhook payload.Read More ...
Continue ReadingJanuary 28, 2023
Italtel NetMatch-S CI 5.2.0-20211008 has incorrect Access Control under NMSCI-WebGui/advancedsettings.jsp and NMSCIWebGui/SaveFileUploader. By not verifying permissions for access to resources, it all ...
Continue ReadingJanuary 28, 2023
The ContentStudio plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 1.2.5. This could allow unauthenticated attackers to obtain a nonce needed for ...
Continue ReadingJanuary 28, 2023
There is a Path Traversal that leads to a Local File Inclusion in Pandora FMS v764. A function is called to check that the parameter that the user has inserted does not contain malicious characteres, ...
Continue ReadingJanuary 28, 2023
The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to an unsecure token check that is susceptible to type juggling in versions up to, and including, 1.2.5. This makes it ...
Continue ReadingJanuary 28, 2023
A vulnerability, which was classified as problematic, has been found in YAFNET 3.1.9/3.1.10. This issue affects some unknown processing of the file /forum/PostPrivateMessage of the component Private M ...
Continue ReadingJanuary 28, 2023
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.Read More ...
Continue ReadingJanuary 28, 2023
Back to Main