Command injection vulnerability in CWP v0.9.8.1126 that allows normal users to run commands as the root user.Read More ...
Continue Reading
July 07, 2022
A path traversal vulnerability in loader.php of CWP v0.9.8.1122 allows attackers to execute arbitrary code via a crafted POST request.Read More ...
Continue Reading
July 07, 2022
The password reset token in CWP v0.9.8.1126 is generated using known or predictable values.Read More ...
Continue Reading
July 07, 2022
In nextgen-galery wordpress plugin before 2.0.77.3 there are two vulnerabilities which can allow an attacker to gain full access over the web application. The vulnerabilities lie in how the applicatio ...
Continue Reading
July 07, 2022
In Openshift Origin 3 the cookies being set in console have no 'secure', 'HttpOnly' attributes.Read More ...
Continue Reading
July 07, 2022
In nextgen-galery wordpress plugin before 2.0.77.3 there are two vulnerabilities which can allow an attacker to gain full access over the web application. The vulnerabilities lie in how the applicatio ...
Continue Reading
July 07, 2022
EQS Integrity Line through 2022-07-01 allows a stored XSS via a crafted whistleblower entry.Read More ...
Continue Reading
July 07, 2022
Incorrect permission management in Devolutions Server before 2022.2 allows a new user with a preexisting username to inherit the permissions of that previous user.Read More ...
Continue Reading
July 07, 2022
Back to Main
