Aggregator

CVE-2024-5901 | SiteOrigin Widgets Bundle up to 1.62.2 on WordPress Image Grid Widget cross site scripting

Vuldb Updates
9 months ago
A vulnerability was found in SiteOrigin Widgets Bundle up to 1.62.2 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component Image Grid Widget. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-5901. The attack can be launched remotely. There is no exploit available.
vuldb.com

CVE-2024-7284 | SourceCodester Lot Reservation Management System 1.0 ajax.php?action=save_settings about cross site scripting

Vuldb Updates
9 months ago
A vulnerability, which was classified as problematic, was found in SourceCodester Lot Reservation Management System 1.0. This affects an unknown part of the file /admin/ajax.php?action=save_settings. The manipulation of the argument about leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-7284. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2024-7285 | SourceCodester Establishment Billing Management System 1.0 ajax.php?action=save_settings name cross site scripting

Vuldb Updates
9 months ago
A vulnerability has been found in SourceCodester Establishment Billing Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file /admin/ajax.php?action=save_settings. The manipulation of the argument name leads to cross site scripting. This vulnerability was named CVE-2024-7285. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2024-39320 | Discourse up to 3.2.4/3.3.0.beta4 Setting allowed_iframes injection

Vuldb Updates
9 months ago
A vulnerability has been found in Discourse up to 3.2.4/3.3.0.beta4 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Setting Handler. The manipulation of the argument allowed_iframes leads to injection. This vulnerability is known as CVE-2024-39320. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

CVE-2024-37165 | Discourse up to 3.2.2/3.3.0.beta2 Onebox Data cross site scripting

Vuldb Updates
9 months ago
A vulnerability was found in Discourse up to 3.2.2/3.3.0.beta2. It has been classified as problematic. This affects an unknown part of the component Onebox Data Handler. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-37165. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.
vuldb.com

脾气

吴鲁加
9 months ago
有一种思考方法,是模拟十年后的自己,可以作为导师跟自己对话

脾气

吴鲁加
9 months ago
有一种思考方法,是模拟十年后的自己,可以作为导师跟自己对话

脾气

吴鲁加
9 months ago
有一种思考方法,是模拟十年后的自己,可以作为导师跟自己对话

脾气

吴鲁加
9 months ago
有一种思考方法,是模拟十年后的自己,可以作为导师跟自己对话

脾气

吴鲁加
9 months ago
有一种思考方法,是模拟十年后的自己,可以作为导师跟自己对话

脾气

吴鲁加
9 months ago
有一种思考方法,是模拟十年后的自己,可以作为导师跟自己对话

Security Affairs newsletter Round 515 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs
9 months ago
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. New MassJacker clipper targets pirated software seekers Cisco IOS XR flaw allows attackers to crash BGP process on […]
Pierluigi Paganini

Managed ad