[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Matches : 127822 Download | Alert*

The wp-live-chat-support plugin before 8.0.27 for WordPress has XSS via the GDPR page.

The Telenav Scout GPS Link app 1.x for iOS, as used with Toyota and Lexus vehicles, has an incorrect protection mechanism against brute-force attacks on the authentication process, which makes it easier for attackers to obtain multimedia-screen access via port 7050 on the cellular network, as demonstrated by a DrivingRestriction method call to uma/jsonrpc/mobile.

The woocommerce-product-addon plugin before 18.4 for WordPress has XSS via an import of a new meta data structure.

The wp-database-backup plugin before 5.1.2 for WordPress has XSS.

The ultimate-member plugin before 2.0.52 for WordPress has XSS related to UM Roles create and edit operations.

The ultimate-member plugin before 2.0.52 for WordPress has XSS during an account upgrade.

In Storage Performance Development Kit (SPDK) before 19.07, a user of a vhost can cause a crash if the target is sent invalid input.

The ultimate-member plugin before 2.0.54 for WordPress has XSS.

3CX Phone 15 on Windows has insecure permissions on the "%PROGRAMDATA%\3CXPhone for Windows\PhoneApp" installation directory, allowing Full Control access for Everyone, and leading to privilege escalation because of a StartUp link.

An issue was discovered in the mysql (aka mysqljs) module 2.17.1 for Node.js. The LOAD DATA LOCAL INFILE option is open by default.

Pages:      Start    5    6    7    8    9    10    11    12    13    14    15    16    17    18    ..   12782

© SecPod Technologies