Exploit for Vulnerability in WordPress

CVE-2023-5561-PoC WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published ...

Continue Reading
CVE-2023-6757

A vulnerability was found in Thecosy IceCMS 2.0.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /adplanet/PlanetUser of the component API ...

Continue Reading
CVE-2023-6758

A vulnerability was found in Thecosy IceCMS 2.0.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /adplanet/PlanetCommentList of the component API. The ...

Continue Reading
Denial of service attack on the cube-api endpoint

Impact It is possible to make the entire Cube API unavailable by submitting a specially crafted request to a Cube API endpoint. Patches The issue has been patched in the v0.34.34 and it's recomme ...

Continue Reading
PAN-OS: XML API Keys Revoked by Read-Only PAN-OS Administrator

An improper privilege management vulnerability in Palo Alto Networks PAN-OS software enables an authenticated read-only administrator to revoke active XML API keys from the firewall and disrupt XML AP ...

Continue Reading
CVE-2023-49923

An issue was discovered by Elastic whereby the Documents API of App Search logged the raw contents of indexed documents at INFO log level. Depending on the contents of such documents, this could lead ...

Continue Reading
CVE-2023-6758

A vulnerability was found in Thecosy IceCMS 2.0.1. It has been rated as critical. Affected by this issue is some unknown functionality of the file /adplanet/PlanetCommentList of the component API. The ...

Continue Reading
Missing access control in Silverpeas

The notification/messaging feature of Silverpeas Core 6.3.1 does not enforce access control on the ID parameter. This allows an attacker to read all messages sent between other users; including those ...

Continue Reading

Back to Main

Subscribe for the latest news: