Aggregator

A vulnerability, which was classified as problematic, has been found in lighttpd up to 1.1.1. Affected by this issue is some unknown functionality. The manipulation leads to improper resource management. This vulnerability is handled as CVE-2010-0295. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in WP-Members Membership Plugin up to 3.4.9.5 on WordPress. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-9231. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic was found in Category and Taxonomy Meta Fields Plugin up to 1.0.0 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-9589. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Category and Taxonomy Meta Fields Plugin up to 1.0.0 on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2024-9590. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in Category and Taxonomy Meta Fields Plugin up to 1.0.0 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Meta Handler. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2024-9588. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in Category and Taxonomy Image Plugin up to 1.0.0 on WordPress. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-9591. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Anchor Episodes Index Plugin up to 2.1.10 on WordPress. It has been classified as problematic. Affected is the function anchor_episodes of the component Shortcode Handler. The manipulation leads to cross site scripting. This vulnerability is traded as CVE-2024-10189. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in News Kit Elementor Addons Plugin up to 1.2.1 on WordPress and classified as problematic. This issue affects some unknown processing of the component Canvas Menu Elementor Template. The manipulation leads to information disclosure. The identification of this vulnerability is CVE-2024-9541. The attack may be initiated remotely. There is no exploit available.

A vulnerability has been found in TeploBot Plugin up to 1.3 on WordPress and classified as problematic. This vulnerability affects unknown code of the component Telegram Bot Token Handler. The manipulation leads to information disclosure. This vulnerability was named CVE-2024-9627. The attack needs to be approached within the local network. There is no exploit available.

Аферист обманул тысячи пожилых людей.

A vulnerability, which was classified as problematic, was found in Public Knowledge Project pkp-lib up to 3.4.0-7. This affects an unknown part of the component Logout. The manipulation leads to open redirect. This vulnerability is uniquely identified as CVE-2024-46326. It is possible to initiate the attack remotely. There is no exploit available.

75% of Mobile Apps Fail Basic Security Tests. Hackers are increasingly focusing on the mobile channel, making mobile apps a prime target for fraud and security breaches. With this growing threat, it’s essential for organizations and app developers to adopt a proactive approach to mobile application security. The OWASP Top 10 Mobile Risks outlines the […]

The post OWASP Mobile Top 10 2024: Update Overview appeared first on Kratikal Blogs.

The post OWASP Mobile Top 10 2024: Update Overview appeared first on Security Boulevard.

A vulnerability, which was classified as problematic, has been found in Mitel MiCollab up to 9.7.1.110. Affected by this issue is some unknown functionality of the component Suite Applications Services. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-30160. The attack may be launched remotely. There is no exploit available.

A vulnerability classified as problematic was found in Mitel MiCollab up to 9.7.1.110. Affected by this vulnerability is an unknown functionality of the component Conferencing. The manipulation leads to cross site scripting. This vulnerability is known as CVE-2024-30159. The attack can be launched remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Vilo Mesh WiFi System up to 5.16.1.33. Affected is an unknown function of the component Boa Webserver. The manipulation leads to information disclosure. This vulnerability is traded as CVE-2024-40091. It is possible to launch the attack remotely. There is no exploit available.

A vulnerability was found in Zyxel USG FLEX H uOS up to 1.21. It has been rated as problematic. This issue affects some unknown processing of the component CLI. The manipulation leads to insufficiently protected credentials. The identification of this vulnerability is CVE-2024-9677. The attack needs to be approached locally. There is no exploit available.

A vulnerability was found in Vilo Mesh WiFi System up to 5.16.1.33. It has been declared as critical. This vulnerability affects the function local_app_set_router_wan. The manipulation of the argument pppoe_username/pppoe_password leads to buffer overflow. This vulnerability was named CVE-2024-40085. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Vilo Mesh WiFi System up to 5.16.1.33. It has been classified as critical. This affects the function local_app_set_router_wifi_SSID_PWD of the component Password Field Handler. The manipulation leads to buffer overflow. This vulnerability is uniquely identified as CVE-2024-40086. It is possible to initiate the attack remotely. There is no exploit available.