CVE-2023-52426

libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time. Bugs https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063240 Notes Author| Note ---|--- sbeatti ...

Continue Reading

10 февраля, 2024

Nextcloud: xmlrpc.php &wp-cron.php files are enabled, and will used for (DDOS),(DOS) and broutforce users attack.

Hi Hackerones Team, After previewing my target scopes and restrictions, I detremined to choese myscope " https://nextcloud.com " and started my testing phases. 1->> - ...

Continue Reading

08 февраля, 2024

Code injection

Typecho v1.2.1 was discovered to be vulnerable to an XML Quadratic Blowup attack via the component...Read More ...

Continue Reading

06 февраля, 2024

Cross site request forgery (csrf)

Cross-Site Request Forgery (CSRF) vulnerability in Bill Minozzi Disable Json API, Login Lockdown, XMLRPC, Pingback, Stop User Enumeration Anti Hacker Scan.This issue affects Disable Json API, Login Lo ...

Continue Reading

06 февраля, 2024

BIT-wordpress-multisite-2020-28036

wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a...Read More ...

Continue Reading

29 января, 2024

BIT-wordpress-multisite-2020-28036

wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a...Read More ...

Continue Reading

29 января, 2024

BIT-wordpress-multisite-2020-28036

wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a...Read More ...

Continue Reading

29 января, 2024

BIT-wordpress-multisite-2020-28036

wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a...Read More ...

Continue Reading

29 января, 2024

1 3 4 5 6 7 101

Back to Main
Subscribe for the latest news: