A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, l ...
Continue Reading
May 14, 2024
The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'save_post_materials' function in versions up ...
Continue Reading
May 14, 2024
The Elegant Themes Divi theme, Extra theme, and Divi Page Builder plugin for WordPress are vulnerable to DOM-Based Stored Cross-Site Scripting via the ‘title’ parameter in versions up to, and incl ...
Continue Reading
May 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 prior to 16.9.7, starting from 16.10 prior to 16.10.5, and starting from 16.11 prior to 16.11.2 where abusing the ...
Continue Reading
May 14, 2024
A vulnerability has been discovered in Agentejo Cockpit CMS v0.5.5 that consists in an arbitrary file upload in ‘/media/api’ parameter via post request. An attacker could upload files to the serve ...
Continue Reading
May 14, 2024
A low privileged remote attacker can use a command injection vulnerability in the API which performs remote code execution as the user-app user due to improper input validation. The confidentialit ...
Continue Reading
May 14, 2024
An issue was discovered in linqi before 1.4.0.1 on Windows. There is /api/DocumentTemplate/{GUID]...Read More ...
Continue Reading
May 14, 2024
An issue was discovered in linqi before 1.4.0.1 on Windows. There is /api/Cdn/GetFile local file...Read More ...
Continue Reading
May 14, 2024
Back to Main
