Aggregator

Akira

Dark Feed IO
3 days 20 hours ago

You must login to view this content

cohenido

CVE-2018-3810 | Oturia Smart Google Code Inserter Plugin up to 3.4 on WordPress smartgooglecode.php saveGoogleCode sgcgoogleanalytic improper authentication (EDB-43420 / ID 865818)

Vuldb Updates
3 days 20 hours ago
A vulnerability has been found in Oturia Smart Google Code Inserter Plugin up to 3.4 on WordPress and classified as problematic. This impacts the function saveGoogleCode of the file smartgooglecode.php. Performing manipulation of the argument sgcgoogleanalytic as part of Parameter results in improper authentication. This vulnerability is cataloged as CVE-2018-3810. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The affected component should be upgraded.
vuldb.com

CVE-2018-3811 | Oturia Smart Google Code Inserter Plugin up to 3.4 on WordPress smartgooglecode.php saveGoogleAdWords $_POST["oId"] sql injection (EDB-43420 / ID 865818)

Vuldb Updates
3 days 20 hours ago
A vulnerability was found in Oturia Smart Google Code Inserter Plugin up to 3.4 on WordPress and classified as critical. Affected is the function saveGoogleAdWords of the file smartgooglecode.php. Executing manipulation of the argument $_POST["oId"] can lead to sql injection. This vulnerability is registered as CVE-2018-3811. It is possible to launch the attack remotely. Furthermore, an exploit is available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2018-9034 | Relevanssi Plugin 4.0.4 lib/interface.php tab cross site scripting (EDB-44366)

Vuldb Updates
3 days 20 hours ago
A vulnerability marked as problematic has been reported in Relevanssi Plugin 4.0.4. Affected by this vulnerability is an unknown functionality in the library lib/interface.php. This manipulation of the argument tab as part of GET Parameter causes cross site scripting. The identification of this vulnerability is CVE-2018-9034. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2018-10309 | Responsive Cookie Consent Plugin up to 1.7 on WordPress Field cross site scripting (EDB-44563)

Vuldb Updates
3 days 20 hours ago
A vulnerability, which was classified as problematic, has been found in Responsive Cookie Consent Plugin up to 1.7 on WordPress. Affected by this vulnerability is an unknown functionality of the component Field Handler. Performing manipulation results in cross site scripting. This vulnerability is known as CVE-2018-10309. Remote exploitation of the attack is possible. Furthermore, an exploit is available. It is advisable to upgrade the affected component.
vuldb.com

CVE-2018-10969 | Pie Register Plugin up to 3.0.9 on WordPress sql injection (EDB-44867)

Vuldb Updates
3 days 20 hours ago
A vulnerability identified as critical has been detected in Pie Register Plugin up to 3.0.9 on WordPress. Affected by this vulnerability is an unknown functionality. Performing manipulation results in sql injection. This vulnerability is known as CVE-2018-10969. Remote exploitation of the attack is possible. Furthermore, an exploit is available. You should upgrade the affected component.
vuldb.com

CVE-2018-19043 | Media File Manager Plugin 1.4.2 on WordPress wp-admin/admin-ajax.php from/to path traversal (EDB-45809)

Vuldb Updates
3 days 20 hours ago
A vulnerability labeled as critical has been found in Media File Manager Plugin 1.4.2 on WordPress. This vulnerability affects unknown code of the file wp-admin/admin-ajax.php. Such manipulation of the argument from/to with the input ../ leads to path traversal. This vulnerability is traded as CVE-2018-19043. The attack may be launched remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2018-19042 | Media File Manager Plugin 1.4.2 on WordPress wp-admin/admin-ajax.php dir_from/dir_to Parameter path traversal (EDB-45809)

Vuldb Updates
3 days 20 hours ago
A vulnerability identified as critical has been detected in Media File Manager Plugin 1.4.2 on WordPress. This affects the function dir_from/dir_to of the file wp-admin/admin-ajax.php. This manipulation with the input ../ as part of Parameter causes path traversal. This vulnerability appears as CVE-2018-19042. The attack may be initiated remotely. In addition, an exploit is available.
vuldb.com

Qilin

Dark Feed IO
3 days 20 hours ago

You must login to view this content

cohenido

Building a Smart Compliance Strategy in Cloud?

Security Boulevard
3 days 20 hours ago

Is your Strategy for Cloud Compliance Intelligent Enough? One question prevails: is your compliance strategy smart enough to handle the complexities of the cloud environment? Understanding Non-Human Identities & Secret Management Before delving into strategies for compliance, let’s comprehend the dynamics of Non-Human Identities (NHIs) and secrets management. NHIs are machine identities vital for cybersecurity. […]

The post Building a Smart Compliance Strategy in Cloud? appeared first on Entro.

The post Building a Smart Compliance Strategy in Cloud? appeared first on Security Boulevard.

Alison Mack

CVE-2006-7048 | Claroline 1.7.5 atutor.inc.php rootSys file inclusion (EDB-1766 / SA20003)

Vuldb Updates
3 days 21 hours ago
A vulnerability was found in Claroline 1.7.5. It has been declared as critical. Affected is an unknown function in the library inc/lib/event/init_event_manager.inc.php of the file atutor.inc.php. Executing manipulation of the argument rootSys can lead to file inclusion. This vulnerability appears as CVE-2006-7048. The attack may be performed from a remote location. In addition, an exploit is available.
vuldb.com

Managed ad