A use of get request method with sensitive query strings vulnerability in volume encryption of Synology Storage Manager package before 1.0.1-1100 allows local attackers to obtain sensitive information. More information : https://www.synology.com/en-global/security/advisory/Synology_SA_26_01
The MetaMagic SEO Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.6. This is due to missing or incorrect nonce validation on the metamagic_update_options function....
The WP Promoter plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.3. This is due to missing or incorrect nonce validation on a function. This makes...
The WPCode – Insert Headers and Footers + Custom Code Snippets – WordPress Code Manager plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 2.3.5 This is due...
The HBook plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘hb_country_iso’, ‘hb_usa_state_iso’, and ‘hb_canada_province_iso’ parameters in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping....
The Github Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘repo’ shortcode attribute in the ‘github’ shortcode in all versions up to, and including, 0.1 due to insufficient input sanitization...
The EnvíaloSimple: Email Marketing y Newsletters plugin for WordPress is vulnerable to time-based blind SQL Injection via the ‘orderby’ parameter in all versions up to, and including, 2.4.5 due to insufficient escaping on the...
The affiliate-toolkit plugin for WordPress is vulnerable to remote code execution in all versions up to, and including, 3.8.5. This is due to the plugin using the BladeOne templating engine’s runString() method which compiles...
Cross-site request forgery (CSRF) vulnerabilities allow attackers to exploit a user’s authenticated session to forge cross-site requests, inducing the execution of unintended operations such as tampering with configuration data. More information : https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/3711746568357343400
AgentClient#handle_method (lines 264-303) processes every NATS reply. It calls inject_compile_log (line 273) on every response, which reads response[‘value’][‘result’][‘compile_log_id’] (line 332-338) and passes it to download_and_delete_blob. Separately, any response containing ‘exception’ goes through format_exception (lines...
When the director sends a long-running request (e.g. compile_package), the agent’s reply JSON is consumed by AgentClient. inject_compile_log (line 332-339) reads response[‘value’][‘result’][‘compile_log_id’] and format_exception (line 318-325) reads exception[‘blobstore_id’]; both pass the agent-supplied string unmodified...
A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dsgvo_contracts view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total...
A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view devices parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the...
A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view userid parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the...