For providers | HunCERT group

16 Jul 2025

Riasztás

Medium - CVE-2025-7035 - The Media Library Assistant plugin for...

The Media Library Assistant plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's mla_tag_cloud and mla_term_list shortcodes in all versions up to, and including,...

security-database.com

16 Jul 2025

Riasztás

NA - CVE-2025-7699 - An improper access control vulnerability was...

An improper access control vulnerability was found in the EZ Sync Manager of ADM, which allows authenticated users to copy arbitrary files from the server file system into their own EZSync folder....

security-database.com

16 Jul 2025

Riasztás

NA - CVE-2024-10029 - In Eclipse GlassFish version 7.0.15 is possible...

In Eclipse GlassFish version 7.0.15 is possible to perform Reflected Cross-site scripting attacks in the Administration Console.

security-database.com

16 Jul 2025

Riasztás

NA - CVE-2024-10031 - In Eclipse GlassFish version 7.0.15 is possible...

In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site Scripting attacks by modifying the configuration file in the underlying operating system.

security-database.com

16 Jul 2025

Riasztás

NA - CVE-2024-10032 - In Eclipse GlassFish version 7.0.15 is possible...

In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site scripting attacks in the Administration Console.

security-database.com

16 Jul 2025

Riasztás

NA - CVE-2024-9342 - In Eclipse GlassFish version 7.0.16 or earlier...

In Eclipse GlassFish version 7.0.16 or earlier it is possible to perform Login Brute Force attacks as there is no limitation in the number of failed login attempts.

security-database.com

16 Jul 2025

Riasztás

NA - CVE-2024-9343 - In Eclipse GlassFish version 7.0.15 is possible...

In Eclipse GlassFish version 7.0.15 is possible to perform Stored Cross-site scripting attacks in the Administration Console.

security-database.com

16 Jul 2025

Riasztás

NA - CVE-2025-48150 - Missing Authorization vulnerability in Bill...

Missing Authorization vulnerability in Bill Minozzi Real Estate Property 2024 Create Your Own Fields and Search Bar WP Plugin allows Exploiting Incorrectly Configured Access Control Security...

security-database.com

16 Jul 2025

Riasztás

NA - CVE-2025-48153 - Cross-Site Request Forgery (CSRF) vulnerability...

Cross-Site Request Forgery (CSRF) vulnerability in Atakan Au Import CDN-Remote Images allows Stored XSS. This issue affects Import CDN-Remote Images: from n/a through 2.1.2.

security-database.com

16 Jul 2025

Riasztás

NA - CVE-2025-48155 - Missing Authorization vulnerability in...

Missing Authorization vulnerability in enituretechnology Residential Address Detection allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Residential Address...

security-database.com

Phone:	+36 1 279 6222 9am to 4pm
E-mail:	@email
Address:	H-1111 Budapest, Kende u. 13-17.