Riasztások

An issue in Nothing Tech Nothing OS v.2.6 allows a local attacker to escalate privileges via the NtBpfService component.

LearnDash v6.7.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the materials-content class.

LearnDash v6.7.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the ld-comment-body class.

An issue in the profile image upload function of LearnDash v6.7.1 allows attackers to cause a Denial of Service (DoS) via excessive file uploads.

Cross Site Scripting vulnerability in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to execute arbitrary code via the legal_settings parameter.

An issue in Alex Tselegidis EasyAppointments v.1.5.0 allows a remote attacker to escalate privileges via the index.php file.

An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the lack of rate limiting.

An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component.

Cross Site Scripting vulnerability in Daylight Studio Fuel CMS v.1.5.2 allows an attacker to escalate privileges via the /fuel/blocks/ and /fuel/pages components.

A vulnerability classified as problematic has been found in olajowon Loggrove up to e428fac38cc480f011afcb1d8ce6c2bad378ddd6. Affected is an unknown function of the file...