Search Results (366900 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-1554 1 Fullworksplugins 1 Quick Paypal Payments 2025-01-30 4.8 Medium
The Quick Paypal Payments WordPress plugin before 5.7.26.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
CVE-2023-1546 1 Plainviewplugins 1 Mycryptocheckout 2025-01-30 6.1 Medium
The MyCryptoCheckout WordPress plugin before 2.124 does not escape some URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting
CVE-2023-1525 1 Geminilabs 1 Site Reviews 2025-01-30 4.8 Medium
The Site Reviews WordPress plugin before 6.7.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
CVE-2023-1196 1 Advancedcustomfields 1 Advanced Custom Fields 2025-01-30 8.8 High
The Advanced Custom Fields (ACF) Free and Pro WordPress plugins 6.x before 6.1.0 and 5.x before 5.12.5 unserialize user controllable data, which could allow users with a role of Contributor and above to perform PHP Object Injection when a suitable gadget is present.
CVE-2023-1125 1 Wpruby 1 Ruby Help Desk 2025-01-30 6.5 Medium
The Ruby Help Desk WordPress plugin before 1.3.4 does not ensure that the ticket being modified belongs to the user making the request, allowing an attacker to close and/or add files and replies to tickets other than their own.
CVE-2023-1090 1 Smtp Mailing Queue Project 1 Smtp Mailing Queue 2025-01-30 4.8 Medium
The SMTP Mailing Queue WordPress plugin before 2.0.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
CVE-2023-1021 1 Amr-ical-events-list Project 1 Amr-ical-events-list 2025-01-30 4.8 Medium
The amr ical events lists WordPress plugin through 6.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
CVE-2023-0924 1 Zyrex 1 Popup 2025-01-30 7.2 High
The ZYREX POPUP WordPress plugin through 1.0 does not validate the type of files uploaded when creating a popup, allowing a high privileged user (such as an Administrator) to upload arbitrary files, even when modifying the file system is disallowed, such as in a multisite install.
CVE-2023-0891 1 Codestag 1 Stagtools 2025-01-30 5.4 Medium
The StagTools WordPress plugin before 2.3.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
CVE-2022-47875 1 Jedox 2 Cloud, Jedox 2025-01-30 8.8 High
A Directory Traversal vulnerability in /be/erpc.php in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to execute arbitrary code.
CVE-2023-1383 2 Amazon, Bestbuy 3 Fire Os, Fire Tv Stick 3rd Gen, Insignia Tv 2025-01-30 5.4 Medium
An Improper Enforcement of Behavioral Workflow vulnerability in the exchangeDeviceServices function on the amzn.dmgr service allowed an attacker to register services that are only locally accessible. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS versions prior to 7.6.3.3.
CVE-2023-1384 2 Amazon, Bestbuy 3 Fire Os, Fire Tv Stick 3rd Gen, Insignia Tv 2025-01-30 4.3 Medium
The setMediaSource function on the amzn.thin.pl service does not sanitize the "source" parameter allowing for arbitrary javascript code to be run This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS versions prior to 7.6.3.3.
CVE-2023-1385 2 Amazon, Bestbuy 3 Fire Os, Fire Tv Stick 3rd Gen, Insignia Tv 2025-01-30 7.1 High
Improper JPAKE implementation allows offline PIN brute-forcing due to the initialization of random values to a known value, which leads to unauthorized authentication to amzn.lightning services. This issue affects: Amazon Fire TV Stick 3rd gen versions prior to 6.2.9.5. Insignia TV with FireOS 7.6.3.3.
CVE-2024-4712 2 Microsoft, Papercut 3 Windows, Papercut Mf, Papercut Ng 2025-01-30 7.8 High
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows servers with Web Print enabled. This specific flaw exists within the image-handler process, which can incorrectly create files that don’t exist when a maliciously formed payload is provided. This can lead to local privilege escalation. Note: This CVE has been split into two (CVE-2024-4712 and CVE-2024-8405) and it’s been rescored with a "Privileges Required (PR)" rating of low, and “Attack Complexity (AC)” rating of low, reflecting the worst-case scenario where an Administrator has granted local login access to standard network users on the host server.
CVE-2024-9672 1 Papercut 2 Papercut Mf, Papercut Ng 2025-01-30 5.4 Medium
A reflected cross-site scripting (XSS) vulnerability exists in PaperCut NG/MF. This issue can be used to execute specially created JavaScript payloads in the browser. A user must click on a malicious link for this issue to occur.
CVE-2023-39469 1 Papercut 2 Papercut Mf, Papercut Ng 2025-01-30 7.2 High
PaperCut NG External User Lookup Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PaperCut NG. Authentication is required to exploit this vulnerability. The specific flaw exists within the External User Lookup functionality. The issue results from the lack of proper validation of a user-supplied string before using it to execute Java code. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-21013.
CVE-2024-2648 1 Netentsec 1 Application Security Gateway 2025-01-30 4.3 Medium
A vulnerability, which was classified as problematic, was found in Netentsec NS-ASG Application Security Gateway 6.3. Affected is an unknown function of the file /nac/naccheck.php. The manipulation of the argument username leads to improper neutralization of data within xpath expressions. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-257286 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-3621 1 Mayurik 1 Advocate Office Management System 2025-01-30 4.7 Medium
A vulnerability was found in SourceCodester Kortex Lite Advocate Office Management System 1.0. It has been classified as critical. This affects an unknown part of the file /control/register_case.php. The manipulation of the argument title/case_no/client_name/court/case_type/case_stage/legel_acts/description/filling_date/hearing_date/opposite_lawyer/total_fees/unpaid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260277 was assigned to this vulnerability.
CVE-2024-39354 1 Deltaww 1 Diascreen 2025-01-30 7.8 High
If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in CEtherIPTagItem can be exploited, allowing the attacker to remotely execute arbitrary code.
CVE-2024-47131 1 Deltaww 1 Diascreen 2025-01-30 7.8 High
If an attacker tricks a valid user into running Delta Electronics DIAScreen with a file containing malicious code, a stack-based buffer overflow in BACnetObjectInfo can be exploited, allowing the attacker to remotely execute arbitrary code.